Total
11936 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-6048 | 1 Guitar-pro | 1 Guitar Pro | 2012-11-27 | 5.0 MEDIUM | N/A |
| Guitar Pro 6.1.1 r10791 allows remote attackers to cause a denial of service (crash) via a long string in a gpx file. | |||||
| CVE-2012-1802 | 1 Siemens | 10 Scalance X-300, Scalance X-300 Firmware, Scalance X-300eec and 7 more | 2012-11-20 | 7.8 HIGH | N/A |
| Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414-3E before 3.7.1, X308-2M before 3.7.2, X-300EEC before 3.7.2, XR-300 before 3.7.2, and X-300 before 3.7.2 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a malformed URL. | |||||
| CVE-2012-1800 | 1 Siemens | 4 Scalance S602, Scalance S612, Scalance S613 and 1 more | 2012-11-20 | 6.1 MEDIUM | N/A |
| Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote attackers to cause a denial of service (device outage) or possibly execute arbitrary code via a crafted DCP frame. | |||||
| CVE-2012-4513 | 1 Kde | 1 Kde | 2012-11-12 | 6.4 MEDIUM | N/A |
| khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read. | |||||
| CVE-2012-2394 | 1 Wireshark | 1 Wireshark | 2012-11-06 | 3.3 LOW | N/A |
| Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet. | |||||
| CVE-2012-2152 | 1 Roy Marples | 1 Dhcpcd | 2012-11-06 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the get_packet method in socket.c in dhcpcd 3.2.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long packet. | |||||
| CVE-2011-4000 | 1 Nara Institute Of Science And Technology | 1 Chasen | 2012-11-06 | 9.3 HIGH | N/A |
| Buffer overflow in ChaSen 2.4.x allows remote attackers to execute arbitrary code via a crafted string. | |||||
| CVE-2007-4791 | 1 Ibm | 1 Aix | 2012-11-06 | 7.2 HIGH | N/A |
| Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-2007-0978. | |||||
| CVE-2008-5094 | 1 Novell | 1 Edirectory | 2012-10-31 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the NDS Service in Novell eDirectory before 8.8 SP3 has unknown impact and attack vectors. | |||||
| CVE-2008-5092 | 1 Novell | 1 Edirectory | 2012-10-31 | 10.0 HIGH | N/A |
| Heap-based buffer overflows in Novell eDirectory HTTP protocol stack (HTTPSTK) before 8.8 SP3 have unknown impact and attack vectors related to the (1) HTTP language header and (2) HTTP content-length header. | |||||
| CVE-2007-0447 | 1 Symantec | 13 Antivirus Scan Engine, Brightmail Antispam, Client Security and 10 more | 2012-10-31 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives. | |||||
| CVE-2012-0409 | 1 Emc | 1 Autostart | 2012-10-30 | 7.5 HIGH | N/A |
| Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.3 allow remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via crafted packets. | |||||
| CVE-2012-0289 | 1 Symantec | 2 Endpoint Protection, Network Access Control | 2012-10-30 | 7.2 HIGH | N/A |
| Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script. | |||||
| CVE-2009-1722 | 1 Openexr | 1 Openexr | 2012-10-23 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-1816 | 1 Emerson | 3 Deltav, Deltav Proessentials Scientific Graph, Deltav Workstation | 2012-10-13 | 5.0 MEDIUM | N/A |
| PORTSERV.exe in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to cause a denial of service (daemon crash) via a crafted (1) TCP or (2) UDP packet to port 111. | |||||
| CVE-2012-5345 | 1 Kepler Lam | 1 Iptools | 2012-10-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in the Remote command server (Rcmd.bat) in IpTools (aka Tiny TCP/IP server) 0.1.4 allows remote attackers to cause a denial of service (crash) via a long string to TCP port 23. | |||||
| CVE-2012-1189 | 2 Bernhard Wymann, Speed-dreams | 2 Torcs, Speed Dreams | 2012-10-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in modules/graphic/ssgraph/grsound.cpp in The Open Racing Car Simulator (TORCS) before 1.3.3 and Speed Dreams allows user-assisted remote attackers to execute arbitrary code via a long file name in an engine sample attribute in an xml configuration file. | |||||
| CVE-2012-4415 | 2 Fedoraproject, Guac-dev | 2 Fedora, Guacamole | 2012-10-01 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the guac_client_plugin_open function in libguac in Guacamole before 0.6.3 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long protocol name. | |||||
| CVE-2012-2042 | 1 Adobe | 2 Illustrator, Illustrator Cs5.5 | 2012-09-29 | 10.0 HIGH | N/A |
| Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2023, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026. | |||||
| CVE-2012-3686 | 1 Apple | 1 Safari | 2012-09-22 | 9.3 HIGH | N/A |
| WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||