Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3174 | 1 Novell | 1 Zenworks Configuration Management | 2012-07-27 | 6.8 MEDIUM | N/A |
| Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary code via a long bstrReplaceText parameter. | |||||
| CVE-2012-0282 | 1 Xnview | 1 Xnview | 2012-07-18 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ImageLeftPosition value in an ImageDescriptor structure in a GIF image. | |||||
| CVE-2012-0276 | 1 Xnview | 1 Xnview | 2012-07-18 | 6.8 MEDIUM | N/A |
| Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL. | |||||
| CVE-2012-2515 | 2 Emc, Ge | 7 Captiva Quickscan Pro, Documentum Applicationxtender Desktop, Intelligent Platforms Proficy Batch Execution and 4 more | 2012-07-17 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method. | |||||
| CVE-2012-3585 | 1 Irfanview | 2 Irfanview, Irfanview Plugins | 2012-07-17 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file. | |||||
| CVE-2012-1832 | 1 Wellintech | 1 Kingview | 2012-07-17 | 10.0 HIGH | N/A |
| WellinTech KingView 6.53 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted packet to (1) TCP or (2) UDP port 2001. | |||||
| CVE-2011-5096 | 1 Avaya | 1 Aura Application Server 5300 | 2012-07-17 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch Bundle 10 allows remote attackers to execute arbitrary code via a crafted cs_anams parameter in a CONTENT_STORE_ADMIN_REQ packet. | |||||
| CVE-2012-1831 | 1 Wellintech | 1 Kingview | 2012-07-17 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555. | |||||
| CVE-2012-1830 | 1 Wellintech | 1 Kingview | 2012-07-17 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555. | |||||
| CVE-2012-1162 | 1 Nih | 1 Libzip | 2012-07-13 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a zip archive with the number of directories set to 0, related to an "incorrect loop construct." | |||||
| CVE-2009-0693 | 1 Dell | 1 Wyse Device Manager | 2012-06-20 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x allow remote attackers to execute arbitrary code via (1) the User-Agent HTTP header to hserver.dll or (2) unspecified input to hagent.exe. | |||||
| CVE-2011-3494 | 1 Interactivedata | 1 Esignal | 2012-06-20 | 10.0 HIGH | N/A |
| WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or (2) a long Font->FaceName field (aka FaceName element), which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-2598 | 1 Siemens | 1 Wincc | 2012-06-12 | 4.3 MEDIUM | N/A |
| Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input. | |||||
| CVE-2011-3493 | 1 Cogentdatahub | 1 Cogent Datahub | 2012-06-04 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in the DH_OneSecondTick function in Cogent DataHub 7.1.1.63 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) domain, (2) report_domain, (3) register_datahub, or (4) slave commands. | |||||
| CVE-2012-0660 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-05-30 | 6.8 MEDIUM | N/A |
| Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file. | |||||
| CVE-2012-0658 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-05-30 | 6.8 MEDIUM | N/A |
| Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio sample tables in a movie file that is progressively downloaded. | |||||
| CVE-2012-2427 | 1 Xarrow | 1 Xarrow | 2012-05-28 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via packets that trigger an invalid free operation. | |||||
| CVE-2011-3460 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-05-18 | 7.5 HIGH | N/A |
| Buffer overflow in QuickTime in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PNG file. | |||||
| CVE-2011-0334 | 1 Novell | 1 Groupwise | 2012-05-14 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file. | |||||
| CVE-2011-0333 | 1 Novell | 1 Groupwise | 2012-05-14 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted TZNAME variable in a VCALENDAR attachment in an e-mail message, related to an "integer truncation error." | |||||