Total
2596 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-4515 | 1 Kde | 1 Kde | 2012-11-12 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in khtml/rendering/render_replaced.cpp in Konqueror in KDE 4.7.3, when the context menu is shown, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by accessing an iframe when it is being updated. | |||||
CVE-2011-4528 | 1 Unbound | 1 Unbound | 2012-11-05 | 5.0 MEDIUM | N/A |
Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response. | |||||
CVE-2012-5704 | 2 Drupal, Justin Dodge | 2 Drupal, Hotblocks | 2012-11-01 | 3.5 LOW | N/A |
The Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the "administer hotblocks" permission to cause a denial of service (infinite loop and time out) via a block that references itself. | |||||
CVE-2007-3116 | 1 Maradns | 1 Maradns | 2012-10-30 | 5.0 MEDIUM | N/A |
Memory leak in server/MaraDNS.c in MaraDNS 1.2.12.06 and 1.3.05 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, a different set of affected versions than CVE-2007-3114 and CVE-2007-3115. | |||||
CVE-2012-3899 | 1 Cisco | 6 Intrusion Prevention System, Ips 4240, Ips 4250 Sx and 3 more | 2012-09-16 | 5.0 MEDIUM | N/A |
sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and process crash, and traffic-inspection outage) via network traffic, aka Bug ID CSCtn23051. | |||||
CVE-2012-4678 | 1 Munin-monitoring | 1 Munin | 2012-08-27 | 5.0 MEDIUM | N/A |
munin-cgi-graph for Munin 2.0 rc4 does not delete temporary files, which allows remote attackers to cause a denial of service (disk consumption) via many requests to an image with unique parameters. | |||||
CVE-2012-0048 | 1 Openttd | 1 Openttd | 2012-08-26 | 4.3 MEDIUM | N/A |
OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by connecting to the server and not finishing the (1) authorization phase or (2) map download, aka a "slow read" attack. | |||||
CVE-2011-3973 | 1 Ffmpeg | 1 Ffmpeg | 2012-08-21 | 5.0 MEDIUM | N/A |
cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. | |||||
CVE-2012-0858 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2012-08-21 | 6.8 MEDIUM | N/A |
The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Shorten file, related to an "invalid free". | |||||
CVE-2012-3847 | 1 Invensys | 2 Intouch, Wonderware Application Server | 2012-08-13 | 5.0 MEDIUM | N/A |
slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 and Wonderware Application Server 2012 allows remote attackers to cause a denial of service (resource consumption) via a long Unicode string, a different vulnerability than CVE-2012-3007. | |||||
CVE-2012-1346 | 1 Cisco | 1 Emergency Responder | 2012-08-07 | 5.0 MEDIUM | N/A |
Cisco Emergency Responder 8.6 and 9.2 allows remote attackers to cause a denial of service (CPU consumption) by sending malformed UDP packets to the CERPT port, aka Bug ID CSCtx38369. | |||||
CVE-2012-2472 | 1 Cisco | 2 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software | 2012-08-06 | 7.8 HIGH | N/A |
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 and 8.4, when SIP inspection is enabled, create many identical pre-allocated secondary pinholes, which might allow remote attackers to cause a denial of service (CPU consumption) via crafted SIP traffic, aka Bug ID CSCtz63143. | |||||
CVE-2012-2559 | 1 Wellintech | 1 Kinghistorian | 2012-07-16 | 10.0 HIGH | N/A |
WellinTech KingHistorian 3.0 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer write) via a crafted packet to TCP port 5678. | |||||
CVE-2012-2970 | 1 Synel | 1 Sy-780\/a Time \& Attendance Terminal | 2012-07-09 | 7.8 HIGH | N/A |
The Synel SY-780/A Time & Attendance terminal allows remote attackers to cause a denial of service (device hang) via network traffic to port (1) 1641, (2) 3734, or (3) 3735. | |||||
CVE-2012-2827 | 2 Apple, Google | 2 Mac Os X, Chrome | 2012-06-28 | 7.5 HIGH | N/A |
Use-after-free vulnerability in the UI in Google Chrome before 20.0.1132.43 on Mac OS X allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2011-3488 | 1 Equis | 1 Metastock | 2012-06-27 | 10.0 HIGH | N/A |
Use-after-free vulnerability in Equis MetaStock 11 and earlier allows remote attackers to execute arbitrary code via a malformed (1) mwc chart, (2) mws chart, (3) mwt template, or (4) mwl layout. | |||||
CVE-2011-3671 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2012-06-18 | 7.5 HIGH | N/A |
Use-after-free vulnerability in the nsHTMLSelectElement function in nsHTMLSelectElement.cpp in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allows remote attackers to execute arbitrary code via vectors involving removal of the parent node of an element. | |||||
CVE-2011-2561 | 1 Cisco | 1 Unified Communications Manager | 2012-06-14 | 7.1 HIGH | N/A |
The SIP process in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(5b)su4 and 8.x before 8.0(1) does not properly handle SDP data within a SIP call in certain situations related to use of the g729ar8 codec for a Media Termination Point (MTP), which allows remote attackers to cause a denial of service (service outage) via a crafted call, aka Bug ID CSCtc61990. | |||||
CVE-2011-2560 | 1 Cisco | 1 Unified Communications Manager | 2012-06-14 | 7.8 HIGH | N/A |
The Packet Capture Service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x does not properly handle idle TCP connections, which allows remote attackers to cause a denial of service (memory consumption and restart) by making many connections, aka Bug ID CSCtf97162. | |||||
CVE-2006-7244 | 1 Libpng | 1 Libpng | 2012-06-14 | 5.0 MEDIUM | N/A |
Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions before 1.2.15beta3, allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. |