Total
11936 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4514 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 4.7 MEDIUM | N/A |
| Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability and providing a long station-name string, related to the (1) wvlan_uil_put_info and (2) wvlan_set_station_nickname functions. | |||||
| CVE-2013-4513 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 4.9 MEDIUM | N/A |
| Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation. | |||||
| CVE-2013-4512 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 4.7 MEDIUM | N/A |
| Buffer overflow in the exitcode_proc_write function in arch/um/kernel/exitcode.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging root privileges for a write operation. | |||||
| CVE-2013-4408 | 1 Samba | 1 Samba | 2023-02-13 | 8.3 HIGH | N/A |
| Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet. | |||||
| CVE-2013-4387 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 6.1 MEDIUM | N/A |
| net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet. | |||||
| CVE-2013-4312 | 2 Linux, Oracle | 2 Linux Kernel, Linux | 2023-02-13 | 4.9 MEDIUM | 6.2 MEDIUM |
| The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c. | |||||
| CVE-2013-4297 | 1 Redhat | 1 Libvirt | 2023-02-13 | 4.0 MEDIUM | N/A |
| The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and earlier allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via unspecified vectors. | |||||
| CVE-2013-4282 | 2 Redhat, Spice Project | 3 Enterprise Linux, Enterprise Virtualization, Spice | 2023-02-13 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket. | |||||
| CVE-2013-4244 | 1 Libtiff | 1 Libtiff | 2023-02-13 | 6.8 MEDIUM | N/A |
| The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image. | |||||
| CVE-2013-4243 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2023-02-13 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image. | |||||
| CVE-2013-4239 | 1 Redhat | 1 Libvirt | 2023-02-13 | 4.0 MEDIUM | N/A |
| The xenDaemonListDefinedDomains function in xen/xend_internal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of service (memory corruption and crash) via vectors involving the virConnectListDefinedDomains API function. | |||||
| CVE-2013-4237 | 1 Gnu | 1 Glibc | 2023-02-13 | 6.8 MEDIUM | N/A |
| sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2) CIFS image. | |||||
| CVE-2013-4150 | 1 Qemu | 1 Qemu | 2023-02-13 | 7.5 HIGH | N/A |
| The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 through 1.7.x before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors in which the value of curr_queues is greater than max_queues, which triggers an out-of-bounds write. | |||||
| CVE-2013-4149 | 1 Qemu | 1 Qemu | 2023-02-13 | 7.5 HIGH | N/A |
| Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table. | |||||
| CVE-2013-2237 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 2.1 LOW | N/A |
| The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify_policy interface of an IPSec key_socket. | |||||
| CVE-2013-2234 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 2.1 LOW | N/A |
| The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions in net/key/af_key.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of an IPSec key_socket. | |||||
| CVE-2013-2058 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 4.7 MEDIUM | N/A |
| The host_start function in drivers/usb/chipidea/host.c in the Linux kernel before 3.7.4 does not properly support a certain non-streaming option, which allows local users to cause a denial of service (system crash) by sending a large amount of network traffic through a USB/Ethernet adapter. | |||||
| CVE-2013-1961 | 1 Remotesensing | 1 Libtiff | 2023-02-13 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file. | |||||
| CVE-2013-1960 | 1 Remotesensing | 1 Libtiff | 2023-02-13 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file. | |||||
| CVE-2013-1929 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 4.4 MEDIUM | N/A |
| Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via crafted firmware that specifies a long string in the Vital Product Data (VPD) data structure. | |||||