Total
11936 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0615 | 1 Adobe | 1 Audition | 2011-05-25 | 9.3 HIGH | N/A |
| Multiple buffer overflows in Adobe Audition 3.0.1 and earlier allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted data in unspecified fields in the TRKM chunk in an Audition Session (aka .ses) file, related to inconsistent use of character data types. | |||||
| CVE-2007-5652 | 1 Ibm | 1 Db2 | 2011-05-12 | 7.8 HIGH | N/A |
| IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | |||||
| CVE-2010-0361 | 1 Sun | 1 Java System Web Server | 2011-04-28 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via a long URI in an HTTP OPTIONS request. | |||||
| CVE-2010-0358 | 1 Ibm | 1 Lotus Domino | 2011-04-28 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the server in IBM Lotus Domino 7 and 8.5 FP1 allows remote attackers to cause a denial of service (daemon exit) and possibly have unspecified other impact via a long string in a crafted LDAP message to a TCP port, a different vulnerability than CVE-2009-3087. | |||||
| CVE-2010-0562 | 1 Fetchmail | 1 Fetchmail | 2011-04-27 | 6.8 MEDIUM | N/A |
| The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an SSL X.509 certificate containing non-printable characters with the high bit set, which triggers a heap-based buffer overflow during escaping. | |||||
| CVE-2010-4712 | 1 Novell | 1 Groupwise | 2011-04-26 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon) characters or (2) crafted string data. | |||||
| CVE-2010-4741 | 1 Moxa | 2 Device Manager, Mdm Tool | 2011-04-26 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in MDMUtil.dll in MDMTool.exe in MDM Tool before 2.3 in Moxa Device Manager allows remote MDM Gateways to execute arbitrary code via crafted data in a session on TCP port 54321. | |||||
| CVE-2010-4714 | 1 Novell | 1 Groupwise | 2011-04-26 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent. | |||||
| CVE-2010-4742 | 1 Moxa | 1 Activex Sdk | 2011-04-26 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in a certain ActiveX control in MediaDBPlayback.DLL 2.2.0.5 in the Moxa ActiveX SDK allows remote attackers to execute arbitrary code via a long PlayFileName property value. | |||||
| CVE-2011-0379 | 1 Cisco | 13 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 10 more | 2011-04-09 | 7.9 HIGH | N/A |
| Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x; and Cisco TelePresence Manager 1.2.x, 1.3.x, 1.4.x, 1.5.x, and 1.6.2 allows remote attackers to execute arbitrary code via a crafted Cisco Discovery Protocol packet, aka Bug IDs CSCtd75769, CSCtd75766, CSCtd75754, and CSCtd75761. | |||||
| CVE-2007-2907 | 1 Ssl-explorer | 1 Ssl-explorer | 2011-04-07 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in SSL-Explorer before 0.2.13 allows remote authenticated users to enter redirect URLs containing (1) JavaScript or (2) HTTP headers via an unspecified vector, possibly the forwardTo parameter to redirect.do. NOTE: the impact might be cross-site scripting (XSS) or HTTP request smuggling. | |||||
| CVE-2010-4596 | 1 Realnetworks | 2 Helix Mobile Server, Helix Server | 2011-04-06 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x before 14.2, allows remote attackers to execute arbitrary code via a long string in an RTSP request. | |||||
| CVE-2011-0175 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2011-03-24 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded TrueType font. | |||||
| CVE-2011-0177 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2011-03-24 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted SFNT table in an embedded font. | |||||
| CVE-2011-0174 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2011-03-24 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code via a document that contains a crafted embedded OpenType font. | |||||
| CVE-2011-0179 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2011-03-24 | 6.8 MEDIUM | N/A |
| CoreText in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a document that contains a crafted embedded font. | |||||
| CVE-2011-0176 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2011-03-24 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded Type 1 font. | |||||
| CVE-2011-0193 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2011-03-23 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image. | |||||
| CVE-2011-0115 | 2 Apple, Microsoft | 7 Itunes, Safari, Webkit and 4 more | 2011-03-18 | 7.6 HIGH | N/A |
| The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | |||||
| CVE-2010-4652 | 1 Proftpd | 1 Proftpd | 2011-03-18 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query. | |||||