Total
11483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3969 | 1 Faslo | 1 Faslo Player | 2017-09-18 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Faslo Player 7.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .m3u playlist file. | |||||
| CVE-2009-3947 | 1 Tandberg | 1 Tandberg Mxp Endpoints | 2017-09-18 | 9.3 HIGH | N/A |
| Buffer overflow in the FTP service on the Tandberg MXP F7.0 allows remote attackers to cause a denial of service (process crash or device reboot) or possibly execute arbitrary code via a long USER command, as demonstrated by a command ending with many space characters. | |||||
| CVE-2009-4005 | 1 Linux | 1 Linux Kernel | 2017-09-18 | 7.2 HIGH | N/A |
| The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. | |||||
| CVE-2009-4107 | 1 Amplusnet | 1 Invisible Browsing | 2017-09-18 | 9.3 HIGH | N/A |
| Buffer overflow in Invisible Browsing 5.0.52 allows user-assisted remote attackers to execute arbitrary code via a crafted .ibkey file containing a long string. | |||||
| CVE-2009-4247 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2017-09-18 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow." | |||||
| CVE-2009-4248 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2017-09-18 | 9.3 HIGH | N/A |
| Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted RTSP SET_PARAMETER request. | |||||
| CVE-2009-4245 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2017-09-18 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp. | |||||
| CVE-2009-4313 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2017-09-18 | 9.3 HIGH | N/A |
| ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (heap corruption) or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file. | |||||
| CVE-2009-4376 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 9.3 HIGH | N/A |
| Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet. | |||||
| CVE-2009-4588 | 1 Awingsoft | 2 Awakening Winds3d Player, Awakening Winds3d Viewer | 2017-09-18 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the WindsPlayerIE.View.1 ActiveX control in WindsPly.ocx 3.5.0.0 Beta, 3.0.0.5, and earlier in AwingSoft Awakening Web3D Player and Winds3D Viewer allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long SceneUrl property value, a different vulnerability than CVE-2009-2386. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2017-14310 | 1 Stdutility | 1 Stdu Viewer | 2017-09-18 | 4.6 MEDIUM | 7.8 HIGH |
| STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to a "Read Access Violation starting at STDUJBIG2File!DllUnregisterServer+0x0000000000001869." | |||||
| CVE-2017-8757 | 1 Microsoft | 3 Edge, Windows 10, Windows Server 2016 | 2017-09-18 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to the way Microsoft Edge handles objects in memory, aka "Microsoft Edge Remote Code Execution Vulnerability". | |||||
| CVE-2017-8750 | 1 Microsoft | 9 Edge, Internet Explorer, Windows 10 and 6 more | 2017-09-18 | 7.6 HIGH | 7.5 HIGH |
| Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability". | |||||
| CVE-2017-14273 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2017-09-18 | 4.6 MEDIUM | 7.8 HIGH |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at ntdll_77400000!RtlInterlockedPopEntrySList+0x00000000000003b0." | |||||
| CVE-2017-14272 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2017-09-18 | 4.6 MEDIUM | 7.8 HIGH |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at jbig2dec+0x000000000000595d." | |||||
| CVE-2017-14270 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2017-09-18 | 4.6 MEDIUM | 7.8 HIGH |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at ntdll_77400000!RtlFillMemoryUlong+0x0000000000000010." | |||||
| CVE-2017-14271 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2017-09-18 | 4.6 MEDIUM | 7.8 HIGH |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at ntdll_77400000!RtlImpersonateSelfEx+0x000000000000024e." | |||||
| CVE-2017-14274 | 2 Microsoft, Xnview | 2 Windows, Xnview | 2017-09-18 | 4.6 MEDIUM | 7.8 HIGH |
| XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at jbig2dec+0x0000000000008706." | |||||
| CVE-2017-14265 | 1 Libraw | 1 Libraw | 2017-09-18 | 7.5 HIGH | 9.8 CRITICAL |
| A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack. | |||||
| CVE-2015-3089 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-16 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3078, CVE-2015-3090, and CVE-2015-3093. | |||||