Total
11483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-2713 | 2 Libreoffice, Sun | 2 Libreoffice, Openoffice.org | 2014-10-23 | 4.3 MEDIUM | N/A |
| oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser. | |||||
| CVE-2014-3201 | 1 Google | 1 Chrome | 2014-10-10 | 5.0 MEDIUM | N/A |
| core/rendering/compositing/RenderLayerCompositor.cpp in Blink, as used in Google Chrome before 38.0.2125.102 on Android, does not properly handle a certain IFRAME overflow condition, which allows remote attackers to spoof content via a crafted web site that interferes with the scrollbar. | |||||
| CVE-2014-5501 | 1 Cyberoam | 1 Cyberoam Os | 2014-10-08 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the diagnose service in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary code via a crafted webpage or file. | |||||
| CVE-2014-0994 | 1 Embarcadero | 2 Embarcadero C\+\+builder Xe6, Embarcadero Delphi Xe6 | 2014-10-07 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the ReadDIB function in the Vcl.Graphics.TPicture.Bitmap implementation in the Visual Component Library (VCL) in Embarcadero Delphi XE6 20.0.15596.9843 and C++ Builder XE6 20.0.15596.9843 allows context-dependent attackers to execute arbitrary code via the BITMAPINFOHEADER.biClrUsed field in a BMP file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0993. | |||||
| CVE-2012-3422 | 1 Redhat | 1 Icedtea-web | 2014-10-03 | 6.8 MEDIUM | N/A |
| The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web page, which causes an uninitialized memory location to be read. | |||||
| CVE-2012-3423 | 1 Redhat | 1 Icedtea-web | 2014-10-03 | 7.5 HIGH | N/A |
| The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet. | |||||
| CVE-2014-3183 | 1 Linux | 1 Linux Kernel | 2014-09-29 | 6.9 MEDIUM | N/A |
| Heap-based buffer overflow in the logi_dj_ll_raw_request function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that specifies a large report size for an LED report. | |||||
| CVE-2014-0993 | 1 Embarcadero | 2 Embarcadero C\+\+builder Xe6, Embarcadero Delphi Xe6 | 2014-09-16 | 6.8 MEDIUM | N/A |
| Buffer overflow in the Vcl.Graphics.TPicture.Bitmap implementation in the Visual Component Library (VCL) in Embarcadero Delphi XE6 20.0.15596.9843 and C++ Builder XE6 20.0.15596.9843 allows remote attackers to execute arbitrary code via a crafted BMP file. | |||||
| CVE-2014-5407 | 1 Schneider-electric | 1 Vampset | 2014-09-15 | 4.4 MEDIUM | N/A |
| Multiple stack-based buffer overflows in Schneider Electric VAMPSET 2.2.136 and earlier allow local users to cause a denial of service (application halt) via a malformed (1) setting file or (2) disturbance recording file. | |||||
| CVE-2013-2597 | 1 Codeaurora | 1 Android-msm | 2014-09-02 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that leverages /dev/msm_acdb access and provides a large size value in an ioctl argument. | |||||
| CVE-2014-5384 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2014-08-21 | 5.0 MEDIUM | N/A |
| The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service (out-of-bounds array access) via a crafted argument to the iconv_open function. NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different vulnerability types. | |||||
| CVE-2014-5349 | 1 Baidu | 1 Spark Browser | 2014-08-20 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print JavaScript function. | |||||
| CVE-2014-2357 | 1 Subnet | 1 Substation Server | 2014-08-12 | 7.1 HIGH | N/A |
| The GPT library in the Telegyr 8979 Master Protocol application in SUBNET SubSTATION Server 2 before SSNET 2.12 HF18808 allows remote attackers to cause a denial of service (persistent service crash) via a long RTU-to-Master message. | |||||
| CVE-2013-3930 | 1 Coreftp | 1 Core Ftp | 2014-08-11 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows remote FTP servers to execute arbitrary code via a crafted directory name in a CWD command reply. | |||||
| CVE-2014-3459 | 1 Solarwinds | 1 Network Configuration Manager | 2014-08-07 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in SolarWinds Network Configuration Manager (NCM) before 7.3 allows remote attackers to execute arbitrary code via the PEstrarg1 property. | |||||
| CVE-2014-4927 | 3 Acme, D-link, Netgear | 5 Micro Httpd, Dsl2740u, Dsl2750u and 2 more | 2014-07-25 | 7.8 HIGH | N/A |
| Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long string in the URI in a GET request. | |||||
| CVE-2014-4501 | 3 Bfgminer, Cgminer Project, Sgminer Project | 3 Bfgminer, Cgminer, Sgminer | 2014-07-23 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the (1) extract_sockaddr or (2) parse_reconnect functions in util.c. | |||||
| CVE-2014-3939 | 1 Autodesk | 1 Sketchbook Pro | 2014-07-23 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer bitmap data in a PXD file. | |||||
| CVE-2014-3891 | 1 Rimarts | 1 Becky\! Internet Mail | 2014-07-09 | 6.8 MEDIUM | N/A |
| Buffer overflow in RimArts Becky! Internet Mail before 2.68 allows remote POP3 servers to execute arbitrary code via a crafted response. | |||||
| CVE-2014-4646 | 1 Foxitsoftware | 1 Foxit Pdf Sdk Dll | 2014-07-08 | 6.8 MEDIUM | N/A |
| Buffer overflow in the FPDFBookmark_GetTitle method in Foxit PDF SDK DLL before 3.1.1.5005 allows context-dependent attackers to execute arbitrary code via unspecified vectors. | |||||