Total
9527 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-2950 | 3 Apache, Canonical, Debian | 3 Openoffice, Ubuntu Linux, Debian Linux | 2023-12-10 | 9.3 HIGH | N/A |
Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression. | |||||
CVE-2011-3926 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2010-1451 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on the SPARC platform does not properly obtain the value of a certain _PAGE_EXEC_4U bit and consequently does not properly implement a non-executable stack, which makes it easier for context-dependent attackers to exploit stack-based buffer overflows via a crafted application. | |||||
CVE-2010-2519 | 4 Apple, Canonical, Debian and 1 more | 4 Mac Os X, Ubuntu Linux, Debian Linux and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file. | |||||
CVE-2011-3919 | 5 Apple, Debian, Google and 2 more | 9 Iphone Os, Mac Os X, Debian Linux and 6 more | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2010-4206 | 3 Fedoraproject, Google, Webkitgtk | 3 Fedora, Chrome, Webkitgtk | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SVG document, related to effects in the application of filters. | |||||
CVE-2011-1017 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2023-12-10 | 7.2 HIGH | N/A |
Heap-based buffer overflow in the ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel 2.6.37.2 and earlier might allow local users to gain privileges or obtain sensitive information via a crafted LDM partition table. | |||||
CVE-2011-0495 | 3 Debian, Digium, Fedoraproject | 6 Debian Linux, Asterisk, Asterisknow and 3 more | 2023-12-10 | 6.0 MEDIUM | N/A |
Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary code via crafted caller ID data in vectors involving the (1) SIP channel driver, (2) URIENCODE dialplan function, or (3) AGI dialplan function. | |||||
CVE-2011-4370 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Reader, Macos and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4372 and CVE-2011-4373. | |||||
CVE-2011-3018 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to path rendering. | |||||
CVE-2010-4541 | 1 Gimp | 1 Gimp | 2023-12-10 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long "Number of lights" field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. | |||||
CVE-2011-2791 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | N/A |
The International Components for Unicode (ICU) functionality in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. | |||||
CVE-2011-3900 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Google V8, as used in Google Chrome before 15.0.874.121, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write operation. | |||||
CVE-2009-4134 | 1 Python | 1 Python | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference. | |||||
CVE-2011-4315 | 3 F5, Fedoraproject, Suse | 5 Nginx, Fedora, Studio and 2 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response. | |||||
CVE-2010-4656 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux kernel before 2.6.37 does not properly allocate memory, which might allow local users to trigger a heap-based buffer overflow, and consequently cause a denial of service or gain privileges, via a long report. | |||||
CVE-2011-3922 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to glyph handling. | |||||
CVE-2010-3874 | 5 Debian, Fedoraproject, Linux and 2 more | 7 Debian Linux, Fedora, Linux Kernel and 4 more | 2023-12-10 | 4.0 MEDIUM | N/A |
Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial of service (memory corruption) via a connect operation. | |||||
CVE-2012-0751 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2023-12-10 | 10.0 HIGH | N/A |
The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
CVE-2010-0127 | 3 Adobe, Apple, Microsoft | 3 Shockwave Player, Macos, Windows | 2023-12-10 | 9.3 HIGH | 8.8 HIGH |
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted FFFFFF45h Shockwave 3D blocks in a Shockwave file. |