Total
2596 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-0723 | 2 Ffmpeg, Mplayer | 2 Ffmpeg, Mplayer | 2011-10-25 | 6.8 MEDIUM | N/A |
FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed VC-1 file. | |||||
CVE-2011-3272 | 1 Cisco | 2 Ios, Ios Xe | 2011-10-20 | 7.8 HIGH | N/A |
The IP Service Level Agreement (IP SLA) functionality in Cisco IOS 15.1, and IOS XE 2.1.x through 3.3.x, allows remote attackers to cause a denial of service (memory corruption and device reload) via malformed IP SLA packets, aka Bug ID CSCtk67073. | |||||
CVE-2006-3068 | 1 Ibm | 1 Db2 Universal Database | 2011-10-16 | 5.0 MEDIUM | N/A |
IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of service (application crash) by sending "incorrect information ... regarding the package name/creator," which leads to a "memory overwrite." | |||||
CVE-2011-2952 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2011-10-05 | 9.3 HIGH | N/A |
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via vectors related to a dialog box. | |||||
CVE-2011-2954 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2011-10-05 | 9.3 HIGH | N/A |
Use-after-free vulnerability in the AutoUpdate feature in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2011-2955 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2011-10-05 | 9.3 HIGH | N/A |
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via vectors related to a modal dialog. | |||||
CVE-2006-5656 | 1 Vilistextum | 1 Vilistextum | 2011-10-02 | 5.0 MEDIUM | N/A |
Memory leak in the push_align function in src/util.c in Vilistextum before 2.6.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the tmp_align variable. NOTE: it is not clear whether this is a vulnerability, due to the functionality of the product. | |||||
CVE-2010-4754 | 4 Apple, Freebsd, Netbsd and 1 more | 4 Mac Os X, Freebsd, Netbsd and 1 more | 2011-09-20 | 4.0 MEDIUM | N/A |
The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. | |||||
CVE-2011-1507 | 1 Digium | 1 Asterisk | 2011-09-06 | 5.0 MEDIUM | N/A |
Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 do not restrict the number of unauthenticated sessions to certain interfaces, which allows remote attackers to cause a denial of service (file descriptor exhaustion and disk space exhaustion) via a series of TCP connections. | |||||
CVE-2011-1649 | 1 Cisco | 2 Content Delivery System, Content Delivery System Engine | 2011-09-06 | 7.8 HIGH | N/A |
The Internet Streamer application in Cisco Content Delivery System (CDS) with software 2.5.7, 2.5.8, and 2.5.9 before build 126 allows remote attackers to cause a denial of service (Web Engine crash) via a crafted URL, aka Bug IDs CSCtg67333 and CSCth25341. | |||||
CVE-2011-1651 | 1 Cisco | 1 Ios Xr | 2011-09-06 | 7.8 HIGH | N/A |
Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095. | |||||
CVE-2011-1156 | 1 Mark Pilgrim | 1 Feedparser | 2011-08-23 | 5.0 MEDIUM | N/A |
feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0.1 allows remote attackers to cause a denial of service (application crash) via a malformed DOCTYPE declaration. | |||||
CVE-2006-6297 | 1 Kde | 1 Kdegraphics | 2011-08-03 | 5.0 MEDIUM | N/A |
Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursion. | |||||
CVE-2011-1845 | 1 Microsoft | 1 Silverlight | 2011-07-13 | 7.8 HIGH | N/A |
Multiple memory leaks in the DataGrid control implementation in Microsoft Silverlight 4 before 4.0.60310.0 allow remote attackers to cause a denial of service (memory consumption) via an application involving (1) subscriptions to an INotifyDataErrorInfo.ErrorsChanged event or (2) a TextBlock or TextBox element. | |||||
CVE-2011-1844 | 1 Microsoft | 1 Silverlight | 2011-07-13 | 7.8 HIGH | N/A |
Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows remote attackers to cause a denial of service (memory consumption) via an application involving a popup control and a custom DependencyProperty property, related to lack of garbage collection. | |||||
CVE-2005-3501 | 1 Clamav | 1 Clamav | 2011-07-13 | 4.3 MEDIUM | N/A |
The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero length. | |||||
CVE-2011-0949 | 1 Cisco | 1 Ios Xr | 2011-07-11 | 7.8 HIGH | N/A |
Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417. | |||||
CVE-2011-2604 | 2 Intel, Microsoft | 2 G41 Driver, Windows Xp | 2011-07-11 | 7.1 HIGH | N/A |
The Intel G41 driver 6.14.10.5355 on Windows XP SP3 allows remote attackers to cause a denial of service (system crash) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK. | |||||
CVE-2011-0943 | 1 Cisco | 1 Ios Xr | 2011-07-11 | 7.8 HIGH | N/A |
Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause a denial of service (NetIO process restart or device reload) via a crafted IPv4 packet, aka Bug ID CSCth44147. | |||||
CVE-2011-2603 | 2 Apple, Nvidia | 2 Mac Os X, 9400m Driver | 2011-07-11 | 7.1 HIGH | N/A |
The NVIDIA 9400M driver 6.2.6 on Mac OS X 10.6.7 allows remote attackers to cause a denial of service (desktop hang) via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK. |