Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-4134 | 1 Flexerasoftware | 1 Flexnet Publisher | 2012-01-20 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in lmadmin in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allows remote attackers to execute arbitrary code via a crafted 0x2f packet. | |||||
| CVE-2011-3342 | 1 Openttd | 1 Openttd | 2012-01-19 | 7.5 HIGH | N/A |
| Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame. | |||||
| CVE-2011-3343 | 1 Openttd | 1 Openttd | 2012-01-19 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file. | |||||
| CVE-2011-2778 | 1 Tor | 1 Tor | 2012-01-19 | 7.6 HIGH | N/A |
| Multiple heap-based buffer overflows in Tor before 0.2.2.35 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by (1) establishing a SOCKS connection to SocksPort or (2) leveraging a SOCKS proxy configuration. | |||||
| CVE-2011-2685 | 1 Libreoffice | 1 Libreoffice | 2012-01-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file. | |||||
| CVE-2011-3217 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-01-14 | 6.8 MEDIUM | N/A |
| MediaKit in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk image. | |||||
| CVE-2011-3222 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-01-14 | 6.8 MEDIUM | N/A |
| Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file. | |||||
| CVE-2011-3223 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-01-14 | 6.8 MEDIUM | N/A |
| Buffer overflow in QuickTime in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLIC movie file. | |||||
| CVE-2011-0230 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-01-14 | 7.5 HIGH | N/A |
| Buffer overflow in the ATSFontDeactivate API in Apple Type Services (ATS) in Apple Mac OS X before 10.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | |||||
| CVE-2011-0229 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-01-14 | 6.8 MEDIUM | N/A |
| Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access. | |||||
| CVE-2011-5059 | 1 Finaldraft | 1 Finaldraft | 2012-01-13 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Final Draft 8 before 8.02 allows remote attackers to execute arbitrary code via a crafted SmartType element, a different vulnerability than CVE-2011-5002. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2011-4037 | 1 Sielcosistemi | 2 Winlog Lite, Winlog Pro | 2012-01-12 | 9.3 HIGH | N/A |
| Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file. | |||||
| CVE-2011-4529 | 1 Siemens | 1 Automation License Manager | 2012-01-09 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allow remote attackers to execute arbitrary code via a long serialid field in an _licensekey command, as demonstrated by the (1) check_licensekey or (2) read_licensekey command. | |||||
| CVE-2011-4870 | 1 Invensys | 1 Wonderware Inbatch | 2012-01-09 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in the (1) GUIControls, (2) BatchObjSrv, and (3) BatchSecCtrl ActiveX controls in Invensys Wonderware InBatch 9.0 and 9.0 SP1, and InBatch 8.1 SP1, 9.0 SP2, and 9.5 Server and Runtime Clients, allow remote attackers to execute arbitrary code via a long string in a property value, a different issue than CVE-2011-3141. | |||||
| CVE-2010-5081 | 1 Mini-stream | 1 Rm-mp3 Converter | 2011-12-28 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Mini-Stream RM-MP3 Converter 3.1.2.1 allows remote attackers to execute arbitrary code via a long URL in a .pls file. | |||||
| CVE-2009-5109 | 1 Mini-stream | 1 Ripper | 2011-12-28 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Mini-Stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long entry in a .pls file. | |||||
| CVE-2011-4536 | 1 Wellintech | 1 Kingview | 2011-12-27 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in nettransdll.dll in HistorySvr.exe (aka HistoryServer.exe) in WellinTech KingView 6.53 and 65.30.2010.18018 allows remote attackers to execute arbitrary code via a crafted op-code 3 packet. | |||||
| CVE-2011-4052 | 1 Indusoft | 1 Web Studio | 2011-12-22 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 allows remote attackers to execute arbitrary code via a crafted 0x15 (aka Remove File) operation for a file with a long name. | |||||
| CVE-2009-3347 | 1 D-link | 1 Dir-400 | 2011-12-20 | 10.0 HIGH | N/A |
| Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-3345 | 1 Sap | 1 Crystal Reports Server | 2011-12-20 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in SAP Crystal Reports Server 2008 has unknown impact and attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.3 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||