Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-2858 | 4 Apple, Google, Linux and 1 more | 5 Mac Os X, Chrome, Frame and 2 more | 2023-11-07 | 6.8 MEDIUM | N/A |
| Buffer overflow in the WebP decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted WebP image. | |||||
| CVE-2012-3377 | 1 Videolan | 1 Vlc Media Player | 2023-11-07 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file. | |||||
| CVE-2012-2856 | 4 Apple, Google, Linux and 1 more | 5 Mac Os X, Chrome, Frame and 2 more | 2023-11-07 | 7.5 HIGH | N/A |
| The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. | |||||
| CVE-2012-3455 | 1 Kde | 1 Koffice | 2023-11-07 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ODF style in an ODF document. NOTE: this is the same vulnerability as CVE-2012-3456, but it was SPLIT by the CNA even though Calligra and KOffice share the same codebase. | |||||
| CVE-2012-3425 | 5 Canonical, Debian, Libpng and 2 more | 5 Ubuntu Linux, Debian Linux, Libpng and 2 more | 2023-11-07 | 4.3 MEDIUM | N/A |
| The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image. | |||||
| CVE-2012-2881 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2023-11-07 | 7.5 HIGH | N/A |
| Google Chrome before 22.0.1229.79 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2012-2895 | 1 Google | 1 Chrome | 2023-11-07 | 6.8 MEDIUM | N/A |
| The PDF functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. | |||||
| CVE-2012-2883 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2023-11-07 | 7.5 HIGH | N/A |
| Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2874. | |||||
| CVE-2012-2874 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2023-11-07 | 7.5 HIGH | N/A |
| Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883. | |||||
| CVE-2012-2879 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2023-11-07 | 4.3 MEDIUM | N/A |
| Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service (DOM topology corruption) via a crafted document. | |||||
| CVE-2012-2876 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2023-11-07 | 7.5 HIGH | N/A |
| Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2012-0882 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2023-11-07 | 7.5 HIGH | N/A |
| Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE. | |||||
| CVE-2012-0847 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 4.3 MEDIUM | N/A |
| Heap-based buffer overflow in the avfilter_filter_samples function in libavfilter/avfilter.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) via a crafted media file. | |||||
| CVE-2012-0852 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-11-07 | 6.8 MEDIUM | N/A |
| The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an ADPCM file with the number of channels not equal to two. | |||||
| CVE-2012-0850 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 4.3 MEDIUM | N/A |
| The sbr_qmf_synthesis function in libavcodec/aacsbr.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) via a crafted mpg file that triggers memory corruption involving the v_off variable, probably a buffer underflow. | |||||
| CVE-2012-2774 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 5.0 MEDIUM | N/A |
| The ff_MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors, related to starting "a frame outside SETUP state." | |||||
| CVE-2012-0851 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-11-07 | 6.8 MEDIUM | N/A |
| The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted H.264 file, related to the chroma_format_idc value. | |||||
| CVE-2012-0855 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 5.0 MEDIUM | N/A |
| Heap-based buffer overflow in the get_sot function in the J2K decoder (j2k.c) in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) via unspecified vectors related to the curtileno variable. | |||||
| CVE-2012-0698 | 1 Trustedcomputinggroup | 1 Trousers | 2023-11-07 | 5.0 MEDIUM | N/A |
| tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service (daemon crash) via a crafted type_offset value in a TCP packet to port 30003. | |||||
| CVE-2012-2813 | 1 Libexif Project | 1 Libexif | 2023-11-07 | 6.4 MEDIUM | N/A |
| The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image. | |||||