Total
11936 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-0182 | 1 Qemu | 1 Qemu | 2023-02-13 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image. | |||||
| CVE-2014-0145 | 1 Qemu | 1 Qemu | 2023-02-13 | 4.6 MEDIUM | 7.8 HIGH |
| Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncompressed chunk, (3) chunk length, or (4) number of sectors in the DMG block driver (block/dmg.c). | |||||
| CVE-2014-0063 | 1 Postgresql | 1 Postgresql | 2023-02-13 | 6.5 MEDIUM | N/A |
| Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065. | |||||
| CVE-2014-0004 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Udisks | 2023-02-13 | 6.9 MEDIUM | N/A |
| Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point. | |||||
| CVE-2013-4526 | 1 Qemu | 1 Qemu | 2023-02-13 | 7.5 HIGH | N/A |
| Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via vectors related to migrating ports. | |||||
| CVE-2013-4296 | 2 Canonical, Redhat | 3 Ubuntu Linux, Enterprise Linux, Libvirt | 2023-02-13 | 4.0 MEDIUM | N/A |
| The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC call. | |||||
| CVE-2013-1796 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 6.8 MEDIUM | N/A |
| The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow and host OS memory corruption) or possibly have unspecified other impact via a crafted application. | |||||
| CVE-2012-5581 | 1 Libtiff | 1 Libtiff | 2023-02-13 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF image. | |||||
| CVE-2012-3461 | 1 Cypherpunks | 1 Libotr | 2023-02-13 | 4.3 MEDIUM | N/A |
| The (1) otrl_base64_otr_decode function in src/b64.c; (2) otrl_proto_data_read_flags and (3) otrl_proto_accept_data functions in src/proto.c; and (4) decode function in toolkit/parse.c in libotr before 3.2.1 allocates a zero-length buffer when decoding a base64 string, which allows remote attackers to cause a denial of service (application crash) via a message with the value "?OTR:===.", which triggers a heap-based buffer overflow. | |||||
| CVE-2012-3401 | 1 Libtiff | 1 Libtiff | 2023-02-13 | 6.8 MEDIUM | N/A |
| The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow. | |||||
| CVE-2012-2119 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 5.2 MEDIUM | N/A |
| Buffer overflow in the macvtap device driver in the Linux kernel before 3.4.5, when running in certain configurations, allows privileged KVM guest users to cause a denial of service (crash) via a long descriptor with a long vector length. | |||||
| CVE-2012-1142 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2023-02-13 | 9.3 HIGH | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font. | |||||
| CVE-2012-1141 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2023-02-13 | 9.3 HIGH | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font. | |||||
| CVE-2012-1139 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2023-02-13 | 9.3 HIGH | N/A |
| Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font. | |||||
| CVE-2012-1132 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2023-02-13 | 9.3 HIGH | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font. | |||||
| CVE-2012-1131 | 2 Freetype, Mozilla | 2 Freetype, Firefox Mobile | 2023-02-13 | 9.3 HIGH | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font. | |||||
| CVE-2012-0029 | 1 Kvm Group | 1 Qemu-kvm | 2023-02-13 | 7.4 HIGH | N/A |
| Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. | |||||
| CVE-2011-4604 | 1 Linux | 1 Linux Kernel | 2023-02-13 | 6.8 MEDIUM | N/A |
| The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted batman-adv ICMP packet. | |||||
| CVE-2011-3345 | 1 Openfabrics | 1 Enterprise Distribution | 2023-02-13 | 2.1 LOW | N/A |
| ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution (OFED) before 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service (stack memory corruption and system crash) by reading the /proc/net/sdpstats file. | |||||
| CVE-2011-1574 | 1 Konstanty Bialkowski | 1 Libmodplug | 2023-02-13 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file. | |||||