Export limit exceeded: 365524 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (15993 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-3007 1 Invensys 5 Dasabcip, Daserver Runtime Components, Dassidirect and 2 more 2025-04-11 N/A
Stack-based buffer overflow in slssvc.exe before 58.x in Invensys Wonderware SuiteLink in the Invensys System Platform software suite, as used in InTouch/Wonderware Application Server IT before 10.5 and WAS before 3.5, DASABCIP before 4.1 SP2, DASSiDirect before 3.0, DAServer Runtime Components before 3.0 SP2, and other products, allows remote attackers to cause a denial of service (daemon crash or hang) via a long Unicode string.
CVE-2011-0488 2 Advantech, Indusoft 2 Advantech Studio, Web Studio 2025-04-11 N/A
Stack-based buffer overflow in NTWebServer.exe in the test web service in InduSoft NTWebServer, as distributed in Advantech Studio 6.1 and InduSoft Web Studio 7.0, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long request to TCP port 80.
CVE-2011-3345 1 Openfabrics 1 Enterprise Distribution 2025-04-11 N/A
ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution (OFED) before 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service (stack memory corruption and system crash) by reading the /proc/net/sdpstats file.
CVE-2011-0499 1 Verytools 2 Videospirit Lite, Videospirit Pro 2025-04-11 N/A
Buffer overflow in VideoSpirit Pro 1.6.8.1 and possibly earlier versions, and VideoSpirit Lite 1.4.0.1 and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a VideoSpirit project (.visprj) file containing a valitem element with a long "name" attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2011-0500 1 Verytools 2 Videospirit Lite, Videospirit Pro 2025-04-11 N/A
Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and VideoSpirit Lite 1.4.0.1 and possibly other versions; allows user-assisted remote attackers to execute arbitrary code via a VideoSpirit project (.visprj) file containing a valitem element with a long "value" attribute, as demonstrated using a valitem with the mp3 name.
CVE-2011-0522 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv.
CVE-2011-0530 1 Wouter Verhelst 1 Nbd 2025-04-11 N/A
Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request. NOTE: this issue exists because of a CVE-2005-3534 regression.
CVE-2011-4604 1 Linux 1 Linux Kernel 2025-04-11 N/A
The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted batman-adv ICMP packet.
CVE-2011-4914 2 Linux, Novell 2 Linux Kernel, Suse Linux Enterprise Server 2025-04-11 N/A
The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket.
CVE-2011-0538 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-11 N/A
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.
CVE-2012-0265 2 Apple, Microsoft 2 Quicktime, Windows 2025-04-11 N/A
Stack-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pathname for a file.
CVE-2012-0277 1 Xnview 1 Xnview 2025-04-11 N/A
Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PCT image.
CVE-2012-0654 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized memory locations during the processing of X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted certificate.
CVE-2011-0548 1 Symantec 3 Brightmail And Messaging Gateway, Data Loss Prevention, Mail Security 2025-04-11 N/A
Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security (SMS) 6.x through 8.x, Symantec Brightmail and Messaging Gateway before 9.5.1, and Symantec Data Loss Prevention (DLP) before 10.5.3 and 11.x before 11.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .prz file. NOTE: this may overlap CVE-2011-1217.
CVE-2012-0409 1 Emc 1 Autostart 2025-04-11 N/A
Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.3 allow remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via crafted packets.
CVE-2011-0559 2 Adobe, Redhat 2 Flash Player, Rhel Extras 2025-04-11 N/A
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
CVE-2011-4086 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2025-04-11 N/A
The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal.
CVE-2011-0566 4 Adobe, Apple, Microsoft and 1 more 5 Acrobat, Acrobat Reader, Mac Os X and 2 more 2025-04-11 N/A
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603.
CVE-2012-0666 2 Apple, Microsoft 2 Quicktime, Windows 2025-04-11 N/A
Stack-based buffer overflow in the plugin in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTMovie object.
CVE-2011-0569 1 Adobe 1 Shockwave Player 2025-04-11 N/A
The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PFR1 chunk containing an invalid size value that leads to an unexpected sign extension and a buffer overflow, a different vulnerability than CVE-2011-0556.