Total
1227 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-0711 | 3 Ibm, Linux, Sun | 4 Aix, Db2, Linux Kernel and 1 more | 2024-11-21 | N/A |
| Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 through FP11, 9.5 before FP9, and 9.7 through FP5 on UNIX platforms allows remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow. | ||||
| CVE-2012-0685 | 1 Xnview | 1 Xnview | 2024-11-21 | N/A |
| Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0684. | ||||
| CVE-2012-0684 | 1 Xnview | 1 Xnview | 2024-11-21 | N/A |
| Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary code via a crafted file containing PSD record types, a different vulnerability than CVE-2012-0685. | ||||
| CVE-2012-0670 | 1 Apple | 1 Quicktime | 2024-11-21 | N/A |
| Integer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted sean atom in a movie file. | ||||
| CVE-2012-0667 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2024-11-21 | N/A |
| Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTVR movie file. | ||||
| CVE-2012-0662 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
| Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input. | ||||
| CVE-2012-0659 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
| Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file. | ||||
| CVE-2012-0642 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via a crafted catalog file in an HFS disk image. | ||||
| CVE-2012-0473 | 2 Mozilla, Redhat | 5 Firefox, Seamonkey, Thunderbird and 2 more | 2024-11-21 | N/A |
| The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 calls the FindMaxElementInSubArray function with incorrect template arguments, which allows remote attackers to obtain sensitive information from video memory via a crafted WebGL.drawElements call. | ||||
| CVE-2012-0417 | 1 Novell | 1 Groupwise | 2024-11-21 | N/A |
| Integer overflow in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2012-0407 | 1 Emc | 1 Data Protection Advisor | 2024-11-21 | N/A |
| Integer overflow in the DPA_Utilities library in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (infinite loop) via a negative 64-bit value in a certain size field. | ||||
| CVE-2012-0378 | 1 Cisco | 2 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software | 2024-11-21 | N/A |
| Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allow remote attackers to cause a denial of service (connection limit exceeded) by triggering a large number of stale connections that result in an incorrect value for an MPF connection count, aka Bug ID CSCtv19854. | ||||
| CVE-2012-0271 | 1 Novell | 1 Groupwise | 2024-11-21 | N/A |
| Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header. | ||||
| CVE-2012-0268 | 1 Yahoo | 1 Messenger | 2024-11-21 | N/A |
| Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafted JPG image that triggers a heap-based buffer overflow. | ||||
| CVE-2012-0192 | 1 Ibm | 1 Lotus Symphony | 2024-11-21 | N/A |
| Multiple integer overflows in vclmi.dll in the visual class library module in IBM Lotus Symphony before 3.0.1 might allow remote attackers to execute arbitrary code via an embedded (1) JPEG or (2) PNG image object in a Symphony document that triggers a heap-based buffer overflow, as demonstrated by a .doc file. | ||||
| CVE-2012-0022 | 2 Apache, Redhat | 10 Tomcat, Enterprise Linux, Jboss Communications Platform and 7 more | 2024-11-21 | N/A |
| Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858. | ||||
| CVE-2011-5326 | 2 Debian, Enlightenment | 2 Debian Linux, Imlib2 | 2024-11-21 | N/A |
| imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse. | ||||
| CVE-2011-5244 | 3 Gnome, T1lib, Tetex | 3 Evince, T1lib, Tetex | 2024-11-21 | N/A |
| Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433. | ||||
| CVE-2011-5008 | 1 3ssoftware | 1 Codesys | 2024-11-21 | N/A |
| Integer overflow in the GatewayService component in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to execute arbitrary code via a large size value in the packet header, which triggers a heap-based buffer overflow. | ||||
| CVE-2011-5000 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2024-11-21 | N/A |
| The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant. | ||||