Total
2596 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3108 | 1 Google | 1 Chrome | 2017-09-18 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 19.0.1084.52 allows remote attackers to execute arbitrary code via vectors related to the browser cache. | |||||
| CVE-2011-3112 | 1 Google | 1 Chrome | 2017-09-18 | 5.0 MEDIUM | N/A |
| Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an invalid encrypted document. | |||||
| CVE-2011-2440 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2017-09-18 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-3184 | 1 Pidgin | 1 Pidgin | 2017-09-18 | 4.3 MEDIUM | N/A |
| The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does not properly handle HTTP 100 responses, which allows remote attackers to cause a denial of service (incorrect memory access and application crash) via vectors involving a crafted server message. | |||||
| CVE-2011-2761 | 1 Google | 1 Chrome | 2017-09-18 | 4.3 MEDIUM | N/A |
| Google Chrome 14.0.794.0 does not properly handle a reload of a page generated in response to a POST, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web site, related to GetWidget methods. | |||||
| CVE-2011-1140 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet. | |||||
| CVE-2011-1141 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements. | |||||
| CVE-2011-1139 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field. | |||||
| CVE-2011-0445 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 5.0 MEDIUM | N/A |
| The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap. | |||||
| CVE-2011-2363 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2017-09-18 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback. | |||||
| CVE-2011-1142 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 5.0 MEDIUM | N/A |
| Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service (infinite loop) via vectors involving self-referential ASN.1 CHOICE values. | |||||
| CVE-2011-2174 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression. | |||||
| CVE-2010-3811 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2017-09-18 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element attributes. | |||||
| CVE-2010-2874 | 1 Adobe | 1 Shockwave Player | 2017-09-18 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption. NOTE: due to conflicting information and use of the same CVE identifier by the vendor, ZDI, and TippingPoint, it is not clear whether this issue is related to use of an uninitialized pointer, an incorrect pointer offset calculation, or both. | |||||
| CVE-2010-4374 | 1 Nullsoft | 1 Winamp | 2017-09-18 | 4.3 MEDIUM | N/A |
| The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matroska Video (MKV) file containing a string with a crafted length. | |||||
| CVE-2010-3021 | 1 Opera | 1 Opera Browser | 2017-09-18 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 10.61 allows remote attackers to cause a denial of service (CPU consumption and application hang) via an animated PNG image. | |||||
| CVE-2010-4486 | 1 Google | 1 Chrome | 2017-09-18 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to history handling. | |||||
| CVE-2010-3167 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2017-09-18 | 9.3 HIGH | N/A |
| The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a "dangling pointer vulnerability." | |||||
| CVE-2010-3180 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2017-09-18 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window. | |||||
| CVE-2010-3445 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 5.0 MEDIUM | N/A |
| Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP. | |||||