Total
11483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4552 | 1 Steve J Baker | 1 Plib | 2013-06-25 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file. | |||||
| CVE-2013-4631 | 1 Huawei | 5 Ar 1200, Ar 150, Ar 200 and 2 more | 2013-06-21 | 7.8 HIGH | N/A |
| Huawei AR 150, 200, 1200, 2200, and 3200 routers, when SNMPv3 is enabled, allow remote attackers to cause a denial of service (device crash) via malformed SNMPv3 requests that leverage unspecified overflow issues. | |||||
| CVE-2012-6570 | 1 Huawei | 18 Ar 18-1x, Ar 18-2x, Ar 18-3x and 15 more | 2013-06-20 | 10.0 HIGH | N/A |
| The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches does not check whether HTTP data is longer than the value of the Content-Length field, which allows remote HTTP servers to conduct heap-based buffer overflow attacks and execute arbitrary code via a crafted response. | |||||
| CVE-2012-6568 | 1 Huawei | 1 Utps | 2013-06-20 | 6.9 MEDIUM | N/A |
| Buffer overflow in the back-end component in Huawei UTPS 1.0 allows local users to gain privileges via a long IDS_PLUGIN_NAME string in a plug-in configuration file. | |||||
| CVE-2012-6569 | 1 Huawei | 18 Ar 18-1x, Ar 18-2x, Ar 18-3x and 15 more | 2013-06-20 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI. | |||||
| CVE-2013-2004 | 1 X | 1 Libx11 | 2013-06-20 | 6.8 MEDIUM | N/A |
| The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file. | |||||
| CVE-2013-1612 | 1 Symantec | 2 Endpoint Protection Center, Endpoint Protection Manager | 2013-06-19 | 7.9 HIGH | N/A |
| Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x before 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-4098 | 1 Linux | 1 Linux Kernel | 2013-06-09 | 1.9 LOW | N/A |
| The fallocate implementation in the GFS2 filesystem in the Linux kernel before 3.2 relies on the page cache, which might allow local users to cause a denial of service by preallocating blocks in certain situations involving insufficient memory. | |||||
| CVE-2013-3673 | 1 Ffmpeg | 1 Ffmpeg | 2013-06-09 | 4.3 MEDIUM | N/A |
| The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg before 1.2.1 does not properly manage the disposal methods of frames, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted GIF data. | |||||
| CVE-2013-3670 | 1 Ffmpeg | 1 Ffmpeg | 2013-06-09 | 4.3 MEDIUM | N/A |
| The rle_unpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted RLE data. NOTE: the vendor has listed this as an issue fixed in 1.2.1, but the issue is actually in new code that was not shipped with the 1.2.1 release or any earlier release. | |||||
| CVE-2013-1009 | 1 Apple | 1 Safari | 2013-06-05 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple Safari before 6.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2013-1023. | |||||
| CVE-2013-0984 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2013-06-05 | 9.3 HIGH | N/A |
| Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message. | |||||
| CVE-2013-0983 | 1 Apple | 1 Mac Os X | 2013-06-05 | 6.8 MEDIUM | N/A |
| Stack consumption vulnerability in CoreAnimation in Apple Mac OS X before 10.8.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted text glyph in a URL encountered by Safari. | |||||
| CVE-2013-1023 | 1 Apple | 1 Safari | 2013-06-05 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple Safari before 6.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2013-1009. | |||||
| CVE-2013-0975 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2013-06-05 | 6.8 MEDIUM | N/A |
| Buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.8.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image. | |||||
| CVE-2013-0976 | 1 Apple | 1 Mac Os X | 2013-06-04 | 6.8 MEDIUM | N/A |
| IOAcceleratorFamily in Apple Mac OS X before 10.8.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted graphics image. | |||||
| CVE-2012-6096 | 2 Icinga, Nagios | 2 Icinga, Nagios | 2013-06-04 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core before 3.4.4, and Icinga 1.6.x before 1.6.2, 1.7.x before 1.7.4, and 1.8.x before 1.8.4, might allow remote attackers to execute arbitrary code via a long (1) host_name variable (host parameter) or (2) svc_description variable. | |||||
| CVE-2013-1210 | 1 Cisco | 2 Nexus 1000v, Nx-os | 2013-05-30 | 5.4 MEDIUM | N/A |
| Array index error in the Virtual Ethernet Module (VEM) kernel driver for VMware ESXi in Cisco NX-OS on the Nexus 1000V, when STUN debugging is enabled, allows remote attackers to cause a denial of service (ESXi crash and purple screen of death) by sending crafted STUN packets to a VEM, aka Bug ID CSCud14825. | |||||
| CVE-2011-4519 | 1 Microsys | 1 Promotic | 2013-05-23 | 4.3 MEDIUM | N/A |
| Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page. | |||||
| CVE-2011-4520 | 1 Microsys | 1 Promotic | 2013-05-23 | 4.3 MEDIUM | N/A |
| Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page. | |||||