Total
1225 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0216 | 2 Apple, Microsoft | 4 Safari, Windows 7, Windows Vista and 1 more | 2013-02-07 | 9.3 HIGH | N/A |
| Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site. | |||||
| CVE-2010-1525 | 1 Autonomy | 3 Keyview Export Sdk, Keyview Filter Sdk, Keyview Viewer Sdk | 2013-02-07 | 9.3 HIGH | N/A |
| Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted size for an unspecified record type, which triggers a heap-based buffer overflow. | |||||
| CVE-2010-0134 | 1 Autonomy | 3 Keyview Export Sdk, Keyview Filter Sdk, Keyview Viewer Sdk | 2013-02-07 | 9.3 HIGH | N/A |
| Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted \ls keyword in a list override table entry in an RTF file, which triggers a buffer overflow. | |||||
| CVE-2009-3032 | 2 Ibm, Symantec | 6 Lotus Notes, Brightmail Gateway, Data Loss Prevention Detection Servers and 3 more | 2013-02-07 | 10.0 HIGH | N/A |
| Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow. | |||||
| CVE-2012-4689 | 1 Ge | 3 Intelligent Platforms Proficy Hmi\/scada Cimplicity, Intelligent Platforms Proficy Process Systems, Intelligent Platforms Proficy Process Systems With Cimplicity | 2013-01-29 | 4.3 MEDIUM | N/A |
| Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to cause a denial of service (daemon crash) via a malformed HTTP request. | |||||
| CVE-2008-3072 | 1 Simple Machines | 1 Simple Machines Forum | 2012-11-27 | 7.5 HIGH | N/A |
| Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13, when running in PHP before 4.2.0, does not properly seed the random number generator, which has unknown impact and attack vectors. | |||||
| CVE-2007-5713 | 2 Amxmodx, Valve Software | 2 Amx Mod X, Half-life Dedicated Server | 2012-10-30 | 7.5 HIGH | N/A |
| Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow attackers to execute arbitrary code or cause a denial of service via unspecified input related to geolocation, which triggers an error message from the (1) geoip_code2 or (2) geoip_code3 function, leading to a buffer overflow. | |||||
| CVE-2009-1720 | 1 Openexr | 1 Openexr | 2012-10-23 | 7.5 HIGH | N/A |
| Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to (1) the Imf::PreviewImage::PreviewImage function and (2) compressor constructors. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5279 | 1 Vwar | 1 Virtual War | 2012-10-08 | 5.0 MEDIUM | N/A |
| article.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers to cause a denial of service (memory consumption) via a large integer in the ratearticleselect parameter. | |||||
| CVE-2012-1175 | 1 Gnu | 1 Gnash | 2012-08-27 | 6.8 MEDIUM | N/A |
| Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SWF file, which triggers a heap-based buffer overflow. | |||||
| CVE-2012-2674 | 1 Google | 1 Bionic | 2012-08-24 | 4.3 MEDIUM | N/A |
| Multiple integer overflows in the (1) chk_malloc, (2) leak_malloc, and (3) leak_memalign functions in libc/bionic/malloc_debug_leak.c in Bionic (libc) for Android, when libc.debug.malloc is set, make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected. | |||||
| CVE-2012-4355 | 1 Sielcosistemi | 2 Winlog Lite, Winlog Pro | 2012-08-20 | 9.3 HIGH | N/A |
| TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4354. | |||||
| CVE-2012-4354 | 1 Sielcosistemi | 2 Winlog Lite, Winlog Pro | 2012-08-20 | 9.3 HIGH | N/A |
| TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-0407 | 1 Emc | 1 Data Protection Advisor | 2012-08-14 | 5.0 MEDIUM | N/A |
| Integer overflow in the DPA_Utilities library in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (infinite loop) via a negative 64-bit value in a certain size field. | |||||
| CVE-2005-4895 | 1 Csilvers | 1 Gperftools | 2012-08-09 | 5.0 MEDIUM | N/A |
| Multiple integer overflows in TCMalloc (tcmalloc.cc) in gperftools before 0.4 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected. | |||||
| CVE-2012-2676 | 1 Emery Berger | 1 Hoard | 2012-07-30 | 4.3 MEDIUM | N/A |
| Multiple integer overflows in the (1) malloc and (2) calloc functions in Hoard before 3.9 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows on implementing code via a large size value, which causes less memory to be allocated than expected. | |||||
| CVE-2012-2675 | 1 Nedprod | 1 Nedmalloc | 2012-07-30 | 4.3 MEDIUM | N/A |
| Multiple integer overflows in the (1) CallMalloc (malloc) and (2) nedpcalloc (calloc) functions in nedmalloc (nedmalloc.c) before 1.10 beta2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected. | |||||
| CVE-2007-6754 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2012-07-26 | 5.0 MEDIUM | N/A |
| The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD does not properly allocate memory, which makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, related to "integer rounding and overflow" errors. | |||||
| CVE-2006-7252 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2012-07-26 | 5.0 MEDIUM | N/A |
| Integer overflow in the calloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which triggers a memory allocation of one byte. | |||||
| CVE-2011-3464 | 1 Libpng | 1 Libpng | 2012-07-23 | 7.5 HIGH | N/A |
| Off-by-one error in the png_formatted_warning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow. | |||||