Total
2700 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3196 | 1 Yacc | 1 Yacc | 2012-11-27 | 7.8 HIGH | N/A |
| skeleton.c in yacc does not properly handle reduction of a rule with an empty right hand side, which allows context-dependent attackers to cause an out-of-bounds stack access when the yacc stack pointer points to the end of the stack. | |||||
| CVE-2012-4515 | 1 Kde | 1 Kde | 2012-11-12 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated. | |||||
| CVE-2011-4528 | 1 Unbound | 1 Unbound | 2012-11-06 | 5.0 MEDIUM | N/A |
| Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response. | |||||
| CVE-2012-5704 | 2 Drupal, Justin Dodge | 2 Drupal, Hotblocks | 2012-11-01 | 3.5 LOW | N/A |
| The Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the "administer hotblocks" permission to cause a denial of service (infinite loop and time out) via a block that references itself. | |||||
| CVE-2007-3116 | 1 Maradns | 1 Maradns | 2012-10-31 | 5.0 MEDIUM | N/A |
| Memory leak in server/MaraDNS.c in MaraDNS 1.2.12.06 and 1.3.05 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, a different set of affected versions than CVE-2007-3114 and CVE-2007-3115. | |||||
| CVE-2012-3899 | 1 Cisco | 6 Intrusion Prevention System, Ips 4240, Ips 4250 Sx and 3 more | 2012-09-17 | 5.0 MEDIUM | N/A |
| sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and process crash, and traffic-inspection outage) via network traffic, aka Bug ID CSCtn23051. | |||||
| CVE-2012-4678 | 1 Munin-monitoring | 1 Munin | 2012-08-27 | 5.0 MEDIUM | N/A |
| munin-cgi-graph for Munin 2.0 rc4 does not delete temporary files, which allows remote attackers to cause a denial of service (disk consumption) via many requests to an image with unique parameters. | |||||
| CVE-2012-0048 | 1 Openttd | 1 Openttd | 2012-08-27 | 4.3 MEDIUM | N/A |
| OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a "slow read" attack. | |||||
| CVE-2012-3847 | 1 Invensys | 2 Intouch, Wonderware Application Server | 2012-08-14 | 5.0 MEDIUM | N/A |
| slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 and Wonderware Application Server 2012 allows remote attackers to cause a denial of service (resource consumption) via a long Unicode string, a different vulnerability than CVE-2012-3007. | |||||
| CVE-2012-1346 | 1 Cisco | 1 Emergency Responder | 2012-08-07 | 5.0 MEDIUM | N/A |
| Cisco Emergency Responder 8.6 and 9.2 allows remote attackers to cause a denial of service (CPU consumption) by sending malformed UDP packets to the CERPT port, aka Bug ID CSCtx38369. | |||||
| CVE-2012-2559 | 1 Wellintech | 1 Kinghistorian | 2012-07-17 | 10.0 HIGH | N/A |
| WellinTech KingHistorian 3.0 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer write) via a crafted packet to TCP port 5678. | |||||
| CVE-2012-2970 | 1 Synel | 1 Sy-780\/a Time \& Attendance Terminal | 2012-07-10 | 7.8 HIGH | N/A |
| The Synel SY-780/A Time & Attendance terminal allows remote attackers to cause a denial of service (device hang) via network traffic to port (1) 1641, (2) 3734, or (3) 3735. | |||||
| CVE-2011-3488 | 1 Equis | 1 Metastock | 2012-06-28 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Equis MetaStock 11 and earlier allows remote attackers to execute arbitrary code via a malformed (1) mwc chart, (2) mws chart, (3) mwt template, or (4) mwl layout. | |||||
| CVE-2011-3671 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2012-06-19 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the nsHTMLSelectElement function in nsHTMLSelectElement.cpp in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allows remote attackers to execute arbitrary code via vectors involving removal of the parent node of an element. | |||||
| CVE-2011-2560 | 1 Cisco | 1 Unified Communications Manager | 2012-06-15 | 7.8 HIGH | N/A |
| The Packet Capture Service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x does not properly handle idle TCP connections, which allows remote attackers to cause a denial of service (memory consumption and restart) by making many connections, aka Bug ID CSCtf97162. | |||||
| CVE-2011-2561 | 1 Cisco | 1 Unified Communications Manager | 2012-06-15 | 7.1 HIGH | N/A |
| The SIP process in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(5b)su4 and 8.x before 8.0(1) does not properly handle SDP data within a SIP call in certain situations related to use of the g729ar8 codec for a Media Termination Point (MTP), which allows remote attackers to cause a denial of service (service outage) via a crafted call, aka Bug ID CSCtc61990. | |||||
| CVE-2011-4019 | 1 Cisco | 2 Ios, Unified Communications Manager | 2012-05-30 | 5.4 MEDIUM | N/A |
| Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified Communications Manager (CUCM) 7.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted response to a SIP SUBSCRIBE message, aka Bug IDs CSCto93837 and CSCtj61883. | |||||
| CVE-2012-2426 | 1 Xarrow | 1 Xarrow | 2012-05-28 | 7.8 HIGH | N/A |
| The server in xArrow before 3.4.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified vectors. | |||||
| CVE-2011-0944 | 1 Cisco | 1 Ios | 2012-05-18 | 7.8 HIGH | N/A |
| Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets, aka Bug ID CSCtj41194. | |||||
| CVE-2011-3287 | 1 Cisco | 1 Jabber Extensible Communications Platform | 2012-05-14 | 7.8 HIGH | N/A |
| Cisco Jabber Extensible Communications Platform (aka Jabber XCP) 2.x through 5.4.x before 5.4.0.27581 and 5.8.x before 5.8.1.27561 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity references, aka Bug ID CSCtq78106, a similar issue to CVE-2003-1564. | |||||