Total
1230 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-2915 | 2 Konstanty Bialkowski, Redhat | 2 Libmodplug, Enterprise Linux | 2025-04-11 | N/A |
| Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of instruments. | ||||
| CVE-2010-3792 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2025-04-11 | N/A |
| Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file. | ||||
| CVE-2012-1003 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Multiple integer overflows in Opera 11.60 and earlier allow remote attackers to cause a denial of service (application crash) via a large integer argument to the (1) Int32Array, (2) Float32Array, (3) Float64Array, (4) Uint32Array, (5) Int16Array, or (6) ArrayBuffer function. NOTE: the vendor reportedly characterizes this as "a stability issue, not a security issue." | ||||
| CVE-2011-2662 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message. | ||||
| CVE-2011-2516 | 2 Apache, Shibboleth | 2 Xml Security For C\+\+, Shibboleth-sp | 2025-04-11 | N/A |
| Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow. | ||||
| CVE-2011-0194 | 1 Apple | 3 Imageio, Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding. | ||||
| CVE-2011-2175 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-11 | N/A |
| Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read. | ||||
| CVE-2013-5132 | 1 Apple | 1 Airport Base Station Firmware | 2025-04-11 | N/A |
| Apple AirPort Base Station Firmware before 7.6.4 does not properly handle incorrect frame lengths, which allows remote attackers to cause a denial of service (device crash) by associating with the access point and then sending a short frame. | ||||
| CVE-2013-1989 | 2 Redhat, X | 2 Enterprise Linux, Libxv | 2025-04-11 | N/A |
| Multiple integer overflows in X.org libXv 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvQueryPortAttributes, (2) XvListImageFormats, and (3) XvCreateImage function. | ||||
| CVE-2012-1143 | 3 Freetype, Mozilla, Redhat | 3 Freetype, Firefox Mobile, Enterprise Linux | 2025-04-11 | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font. | ||||
| CVE-2011-1583 | 2 Citrix, Redhat | 2 Xen, Enterprise Linux | 2025-04-11 | N/A |
| Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields. | ||||
| CVE-2011-1476 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| Integer underflow in the Open Sound System (OSS) subsystem in the Linux kernel before 2.6.39 on unspecified non-x86 platforms allows local users to cause a denial of service (memory corruption) by leveraging write access to /dev/sequencer. | ||||
| CVE-2011-1052 | 1 Hex-rays | 1 Ida | 2025-04-11 | N/A |
| Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation. | ||||
| CVE-2011-1290 | 2 Apple, Rim | 3 Webkit, Blackberry Torch 9800, Blackberry Torch 9800 Firmware | 2025-04-11 | N/A |
| Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011. | ||||
| CVE-2011-1213 | 1 Ibm | 1 Lotus Notes | 2025-04-11 | N/A |
| Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W. | ||||
| CVE-2010-0733 | 2 Postgresql, Redhat | 2 Postgresql, Enterprise Linux | 2025-04-11 | N/A |
| Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with many LEFT JOIN clauses, related to certain hashtable size calculations. | ||||
| CVE-2011-0914 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow. | ||||
| CVE-2011-0758 | 1 Ca | 2 Etrust Secure Content Manager, Gateway Security | 2025-04-11 | N/A |
| The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow. | ||||
| CVE-2011-0628 | 7 Adobe, Apple, Google and 4 more | 7 Flash Player, Mac Os X, Android and 4 more | 2025-04-11 | N/A |
| Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute arbitrary code via ActionScript that improperly handles a long array object. | ||||
| CVE-2010-0830 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2025-04-11 | N/A |
| Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header. | ||||