Total
11483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0837 | 1 Foxit | 1 Reader3.0 | 2018-10-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Foxit Reader 3.0 before Build 1506, including 1120 and 1301, allows remote attackers to execute arbitrary code via a long (1) relative path or (2) absolute path in the filename argument in an action, as demonstrated by the "Open/Execute a file" action. | |||||
| CVE-2009-0836 | 1 Foxitsoftware | 1 Reader | 2018-10-10 | 10.0 HIGH | N/A |
| Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 1120 and 1301, does not require user confirmation before performing dangerous actions defined in a PDF file, which allows remote attackers to execute arbitrary programs and have unspecified other impact via a crafted file, as demonstrated by the "Open/Execute a file" action. | |||||
| CVE-2009-0734 | 1 Nokia | 1 Nokia Pc Suite | 2018-10-10 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in MultimediaPlayer.exe 6.86.240.7 in Nokia PC Suite 6.86.9.3 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file. | |||||
| CVE-2009-0546 | 1 Newsgator | 1 Feeddemon | 2018-10-10 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in NewsGator FeedDemon 2.7 and earlier allows user-assisted remote attackers to execute arbitrary code via a long text attribute in an outline element in a .opml file. | |||||
| CVE-2009-0599 | 1 Wireshark | 1 Wireshark | 2018-10-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file. | |||||
| CVE-2017-14089 | 1 Trendmicro | 1 Officescan | 2018-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and cause memory corruption issues. | |||||
| CVE-2016-6920 | 1 Ffmpeg | 1 Ffmpeg | 2018-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| Heap-based buffer overflow in the decode_block function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denial of service (application crash) via vectors involving tile positions. | |||||
| CVE-2016-7866 | 1 Adobe | 1 Animate | 2018-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Animate versions 15.2.1.95 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2016-1723 | 1 Apple | 3 Iphone Os, Safari, Watchos | 2018-10-09 | 9.3 HIGH | 8.8 HIGH |
| WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1725 and CVE-2016-1726. | |||||
| CVE-2016-2345 | 1 Dameware | 1 Mini Remote Control | 2018-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote attackers to execute arbitrary code via a crafted string. | |||||
| CVE-2016-2385 | 2 Debian, Kamailio | 2 Debian Linux, Kamailio | 2018-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in the encode_msg function in encode_msg.c in the SEAS module in Kamailio (formerly OpenSER and SER) before 4.3.5 allows remote attackers to cause a denial of service (memory corruption and process crash) or possibly execute arbitrary code via a large SIP packet. | |||||
| CVE-2016-1885 | 1 Freebsd | 1 Freebsd | 2018-10-09 | 4.9 MEDIUM | 6.2 MEDIUM |
| Integer signedness error in the amd64_set_ldt function in sys/amd64/amd64/sys_machdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service (kernel panic) via an i386_set_ldt system call, which triggers a heap-based buffer overflow. | |||||
| CVE-2016-1725 | 1 Apple | 3 Iphone Os, Safari, Watchos | 2018-10-09 | 9.3 HIGH | 8.8 HIGH |
| WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1726. | |||||
| CVE-2016-2054 | 2 Debian, Xymon | 2 Debian Linux, Xymon | 2018-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a long filename, involving handling a "config" command. | |||||
| CVE-2016-1726 | 1 Apple | 3 Iphone Os, Safari, Watchos | 2018-10-09 | 9.3 HIGH | 8.8 HIGH |
| WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1725. | |||||
| CVE-2015-8221 | 1 Google | 1 Picasa | 2018-10-09 | 10.0 HIGH | N/A |
| Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow. | |||||
| CVE-2015-7555 | 2 Fedoraproject, Giflib Project | 2 Fedora, Giflib | 2018-10-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file. | |||||
| CVE-2015-7392 | 1 Freeswitch | 1 Freeswitch | 2018-10-09 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the parse_string function in libs/esl/src/esl_json.c in FreeSWITCH before 1.4.23 and 1.6.x before 1.6.2 allows remote attackers to execute arbitrary code via a trailing \u in a json string to cJSON_Parse. | |||||
| CVE-2015-8096 | 1 Google | 1 Picasa | 2018-10-09 | 10.0 HIGH | N/A |
| Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to "phase one 0x412 tag," which triggers a heap-based buffer overflow. | |||||
| CVE-2015-5949 | 1 Videolan | 1 Vlc Media Player | 2018-10-09 | 6.8 MEDIUM | N/A |
| VideoLAN VLC media player 2.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers. | |||||