Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1159 | 2 Aircrack-ng, Gentoo | 2 Aircrack-ng, Linux | 2013-10-29 | 6.8 MEDIUM | N/A |
| Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet. | |||||
| CVE-2013-5914 | 1 Polarssl | 1 Polarssl | 2013-10-28 | 6.8 MEDIUM | N/A |
| Buffer overflow in the ssl_read_record function in ssl_tls.c in PolarSSL before 1.1.8, when using TLS 1.1, might allow remote attackers to execute arbitrary code via a long packet. | |||||
| CVE-2012-4709 | 1 Invensys | 1 Wonderware Intouch | 2013-10-15 | 6.9 MEDIUM | N/A |
| Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
| CVE-2013-6079 | 1 Mostgear | 1 Easy Lan Folder Share | 2013-10-15 | 7.2 HIGH | N/A |
| Buffer overflow in MostGear Soft Easy LAN Folder Share 3.2.0.100 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in the (1) registration code field in the activate license window or the (2) HKLM\SOFTWARE\MostGear\EasyLanFolderShare_V1\License registry key. NOTE: it is not clear from the original report whether this issue crosses privilege boundaries. If not, then it should not be included in CVE. | |||||
| CVE-2013-2052 | 1 Libreswan | 1 Libreswan | 2013-10-11 | 5.1 MEDIUM | N/A |
| Buffer overflow in the atodn function in libreswan 3.0 and 3.1, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2053 and CVE-2013-2054. | |||||
| CVE-2013-2238 | 1 Freeswitch | 1 Freeswitch | 2013-10-11 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in the switch_perform_substitution function in switch_regex.c in FreeSWITCH 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the index and substituted variables. | |||||
| CVE-2013-1243 | 1 Cisco | 9 Asa 5500-x Series Ips Ssp Software, Asa 5585-x, Idsm-2 and 6 more | 2013-10-11 | 7.8 HIGH | N/A |
| The IP stack in Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software and hardware modules before 7.1(5)E4, IPS 4500 sensors before 7.1(6)E4, and IPS 4300 sensors before 7.1(5)E4 allows remote attackers to cause a denial of service (MainApp process hang) via malformed IPv4 packets, aka Bug ID CSCtx18596. | |||||
| CVE-2013-5959 | 1 Bluecoat | 2 Proxysg, Proxysgos | 2013-10-11 | 7.1 HIGH | N/A |
| Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests. | |||||
| CVE-2013-5327 | 1 Adobe | 1 Robohelp | 2013-10-10 | 10.0 HIGH | N/A |
| MDBMS.dll in Adobe RoboHelp 10 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2013-2794 | 1 Trianglemicroworks | 3 .net Communication Protocol Components, Ansi C Source Code Libraries, Scada Data Gateway | 2013-10-08 | 4.9 MEDIUM | N/A |
| Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line. | |||||
| CVE-2013-5715 | 1 Gomlab | 1 Gom Player | 2013-10-08 | 10.0 HIGH | N/A |
| Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has unspecified impact and attack vectors. | |||||
| CVE-2013-4679 | 1 Symantec | 1 Workspace Virtualization | 2013-10-07 | 6.6 MEDIUM | N/A |
| Symantec Workspace Virtualization before 6.x before 6.4.1953.0, when a virtual application layer is configured, allows local users to gain privileges via an application that performs crafted interaction with the operating system. | |||||
| CVE-2013-4986 | 1 Iconcool | 1 Pdfcool Studio | 2013-10-07 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in PDFAX0722_IconCool.dll 7.22.1125.2121 in IconCool PDFCool Studio 3.32 Build 130330 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file. | |||||
| CVE-2013-3582 | 1 Dell | 22 Latitude D530, Latitude D531, Latitude D630 and 19 more | 2013-10-07 | 7.6 HIGH | N/A |
| Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and Z600 devices, and Dell Precision M#### devices, allows local users to bypass intended BIOS signing requirements and install arbitrary BIOS images by leveraging administrative privileges and providing a crafted rbu_packet.pktNum value in conjunction with a crafted rbu_packet.pktSize value. | |||||
| CVE-2013-2808 | 1 Philips | 4 Xper Flex Cardio, Xper Information Management Physiomonitoring 5, Xper Information Management Vascular Monitoring 5 and 1 more | 2013-10-07 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Xper in Philips Xper Information Management Physiomonitoring 5 components, Xper Information Management Vascular Monitoring 5 components, and Xper Information Management servers and workstations for Flex Cardio products before XperConnect 1.5.4.053 SP2 allows remote attackers to execute arbitrary code via a crafted HTTP request to the Connect broker on TCP port 6000. | |||||
| CVE-2013-2197 | 2 Drupal, Login Security Project | 2 Drupal, Login Security | 2013-10-07 | 4.3 MEDIUM | N/A |
| The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal, when using the login delay option, allows remote attackers to cause a denial of service (CPU consumption) via a large number of failed login attempts. | |||||
| CVE-2013-0742 | 1 Corel | 1 Pdf Fusion | 2013-10-07 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file. | |||||
| CVE-2012-1804 | 1 Progea | 1 Movicon | 2013-10-03 | 7.8 HIGH | N/A |
| The OPC server in Progea Movicon before 11.3 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted HTTP request. | |||||
| CVE-2012-4715 | 1 Rockwellautomation | 1 Rslinx Enterprise | 2013-10-02 | 10.0 HIGH | N/A |
| Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a UDP packet with a certain integer length value that is (1) too large or (2) too small, leading to improper handling by Logger.dll. | |||||
| CVE-2013-1026 | 1 Apple | 2 Iphone Os, Mac Os X | 2013-09-27 | 6.8 MEDIUM | N/A |
| Buffer overflow in ImageIO in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG2000 data in a PDF document. | |||||