Search Results (1249 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-4057 1 Ibm 1 Soliddb 2025-04-11 N/A
solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via a TCP session on port 1315.
CVE-2011-2496 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2025-04-11 N/A
Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping.
CVE-2010-4009 1 Apple 1 Quicktime 2025-04-11 N/A
Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
CVE-2010-4010 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code via a crafted embedded Compact Font Format (CFF) font in a document.
CVE-2010-4015 2 Postgresql, Redhat 2 Postgresql, Enterprise Linux 2025-04-11 N/A
Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.
CVE-2010-4665 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2025-04-11 N/A
Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entries.
CVE-2011-0547 1 Symantec 4 Netbackup Puredisk, Veritas Dynamic Multi-pathing, Veritas Storage Foundation and 1 more 2025-04-11 N/A
Multiple integer overflows in vxsvc.exe in the Veritas Enterprise Administrator service in Symantec Veritas Storage Foundation 5.1 and earlier, Veritas Storage Foundation Cluster File System (SFCFS) 5.1 and earlier, Veritas Storage Foundation Cluster File System Enterprise for Oracle RAC (SFCFSORAC) 5.1 and earlier, Veritas Dynamic Multi-Pathing (DMP) 5.1, and NetBackup PureDisk 6.5.x through 6.6.1.x allow remote attackers to execute arbitrary code via (1) a crafted Unicode string, related to the vxveautil.value_binary_unpack function; (2) a crafted ASCII string, related to the vxveautil.value_binary_unpack function; or (3) a crafted value, related to the vxveautil.kv_binary_unpack function, leading to a buffer overflow.
CVE-2012-4167 6 Adobe, Apple, Google and 3 more 8 Air, Air Sdk, Flash Player and 5 more 2025-04-11 N/A
Integer overflow in Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2011-0558 2 Adobe, Redhat 2 Flash Player, Rhel Extras 2025-04-11 N/A
Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code via a large array length value in the ActionScript method of the Function class.
CVE-2012-0667 2 Apple, Microsoft 2 Quicktime, Windows 2025-04-11 N/A
Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTVR movie file.
CVE-2011-0663 1 Microsoft 8 Jscript, Vbscript, Windows 2003 Server and 5 more 2025-04-11 8.8 High
Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka "Scripting Memory Reallocation Vulnerability."
CVE-2011-0758 1 Ca 2 Etrust Secure Content Manager, Gateway Security 2025-04-11 N/A
The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow.
CVE-2012-2088 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2025-04-11 N/A
Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow.
CVE-2012-2113 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2025-04-11 N/A
Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
CVE-2011-4259 1 Realnetworks 1 Realplayer 2025-04-11 N/A
Integer underflow in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted width value in an MPG file.
CVE-2011-1494 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2025-04-11 N/A
Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow.
CVE-2010-1319 1 Realnetworks 3 Helix Mobile Server, Helix Server, Helix Server Mobile 2025-04-11 N/A
Integer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers to execute arbitrary code via a request with a crafted payload length.
CVE-2011-4566 4 Canonical, Debian, Php and 1 more 4 Ubuntu Linux, Debian Linux, Php and 1 more 2025-04-11 N/A
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708.
CVE-2011-1554 4 Foolabs, Glyphandcog, Redhat and 1 more 4 Xpdf, Xpdfreader, Enterprise Linux and 1 more 2025-04-11 N/A
Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
CVE-2011-1564 1 Realflex 1 Realwin 2025-04-11 N/A
Multiple integer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) and earlier allow remote attackers to execute arbitrary code via crafted (1) On_FC_MISC_FCS_MSGBROADCAST and (2) On_FC_MISC_FCS_MSGSEND packets, which trigger a heap-based buffer overflow.