Search Results (2705 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-0367 1 Cisco 1 Unity Connection 2025-04-11 N/A
Cisco Unity Connection before 7.1.5b(Su5), 8.0 and 8.5 before 8.5.1(Su3), and 8.6 before 8.6.2 allows remote attackers to cause a denial of service (services crash) via a series of crafted TCP segments, aka Bug ID CSCtq67899.
CVE-2013-1797 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more 2025-04-11 N/A
Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.
CVE-2013-1950 2 Libtirpc Project, Redhat 2 Libtirpc, Enterprise Linux 2025-04-11 N/A
The svc_dg_getargs function in libtirpc 0.2.3 and earlier allows remote attackers to cause a denial of service (rpcbind crash) via a Sun RPC request with crafted arguments that trigger a free of an invalid pointer.
CVE-2013-2634 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2025-04-11 N/A
net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
CVE-2011-4109 2 Openssl, Redhat 4 Openssl, Enterprise Linux, Jboss Enterprise Application Platform and 1 more 2025-04-11 N/A
Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check.
CVE-2010-0176 2 Mozilla, Redhat 4 Firefox, Seamonkey, Thunderbird and 1 more 2025-04-11 N/A
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a "dangling pointer vulnerability."
CVE-2013-2914 2 Google, Microsoft 2 Chrome, Windows 2025-04-11 N/A
Use-after-free vulnerability in the color-chooser dialog in Google Chrome before 30.0.1599.66 on Windows allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to color_chooser_dialog.cc and color_chooser_win.cc in browser/ui/views/.
CVE-2011-0393 1 Cisco 4 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 1 more 2025-04-11 N/A
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.12), 7.1 and 7.2 before 7.2(5.2), 8.0 before 8.0(5.21), 8.1 before 8.1(2.49), 8.2 before 8.2(3.6), and 8.3 before 8.3(2.7) and Cisco PIX Security Appliances 500 series devices, when transparent firewall mode is configured but IPv6 is not configured, allow remote attackers to cause a denial of service (packet buffer exhaustion and device outage) via IPv6 traffic, aka Bug ID CSCtj04707.
CVE-2011-2011 1 Microsoft 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more 2025-04-11 N/A
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, aka "Win32k Use After Free Vulnerability."
CVE-2013-0987 2 Apple, Microsoft 4 Quicktime, Windows 7, Windows Vista and 1 more 2025-04-11 N/A
Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QTIF file.
CVE-2009-4008 1 Nlnetlabs 1 Unbound 2025-04-11 N/A
Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query.
CVE-2010-2119 1 Microsoft 1 Internet Explorer 2025-04-11 N/A
Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid nntp:// URIs.
CVE-2010-2549 1 Microsoft 2 Windows Server 2008, Windows Vista 2025-04-11 N/A
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system crash) by using a large number of calls to the NtUserCheckAccessForIntegrityLevel function to trigger a failure in the LockProcessByClientId function, leading to deletion of an in-use process object, aka "Win32k Reference Count Vulnerability."
CVE-2011-1871 1 Microsoft 3 Windows 7, Windows Server 2008, Windows Vista 2025-04-11 N/A
Tcpip.sys in the TCP/IP stack in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (reboot) via a series of crafted ICMP messages, aka "ICMP Denial of Service Vulnerability."
CVE-2011-1922 1 Nlnetlabs 1 Unbound 2025-04-11 N/A
daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that triggers improper error handling.
CVE-2011-2624 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.50 allows user-assisted remote attackers to cause a denial of service (application hang) via a large table, which is not properly handled during a print preview.
CVE-2011-2625 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a SELECT element that contains many OPTION elements.
CVE-2011-2626 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) by using "injected script" to set the SRC attribute of an IFRAME element.
CVE-2011-3096 2 Google, Linux 2 Chrome, Linux Kernel 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 19.0.1084.46 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an error in the GTK implementation of the omnibox.
CVE-2011-3280 1 Cisco 2 Ios, Ios Xe 2025-04-11 N/A
Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672.