Search Results (15969 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-2987 1 Mozilla 3 Firefox, Seamonkey, Thunderbird 2025-04-11 N/A
Heap-based buffer overflow in Almost Native Graphics Layer Engine (ANGLE), as used in the WebGL implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products might allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2012-4914 1 Coolpdf 1 Coolpdf 2025-04-11 N/A
Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows remote attackers to execute arbitrary code via a PDF document with a crafted stream.
CVE-2011-2988 1 Mozilla 3 Firefox, Seamonkey, Thunderbird 2025-04-11 N/A
Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long source-code block for a shader.
CVE-2011-3005 1 Mozilla 3 Firefox, Seamonkey, Thunderbird 2025-04-11 N/A
Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .ogg file.
CVE-2010-3334 1 Microsoft 2 Office, Open Xml File Format Converter 2025-04-11 N/A
Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Office document containing an Office Art Drawing record with crafted msofbtSp records and unspecified flags, which triggers memory corruption, aka "Office Art Drawing Records Vulnerability."
CVE-2010-3335 1 Microsoft 2 Office, Open Xml File Format Converter 2025-04-11 N/A
Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Drawing Exception Handling Vulnerability."
CVE-2011-3219 2 Apple, Microsoft 4 Itunes, Windows 7, Windows Vista and 1 more 2025-04-11 N/A
Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.
CVE-2013-0512 1 Ibm 2 Rational Policy Tester, Security Appscan 2025-04-11 N/A
Stack-based buffer overflow in the Manual Explore browser plug-in for Firefox in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to cause a denial of service (plug-in crash) via a crafted web page.
CVE-2011-3235 1 Apple 2 Itunes, Webkit 2025-04-11 N/A
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
CVE-2011-3238 1 Apple 2 Itunes, Webkit 2025-04-11 N/A
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
CVE-2012-5002 1 Ricoh 2 Dl-10, Sr10 Ftp Server 2025-04-11 N/A
Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a long USER FTP command.
CVE-2010-3434 1 Clamav 1 Clamav 2025-04-11 N/A
Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. NOTE: some of these details are obtained from third party information.
CVE-2011-3239 1 Apple 2 Itunes, Webkit 2025-04-11 N/A
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
CVE-2012-5006 1 Caminova 1 Djvu Browser Plug-in 2025-04-11 N/A
Heap-based buffer overflow in npdjvu.dll in Caminova DjVu Browser Plug-in 6.1.4 Build 27351 and other versions before 6.1.4.27993 allows remote attackers to execute arbitrary code via a crafted Sjbz chunk in a djvu file.
CVE-2011-3249 2 Apple, Microsoft 4 Quicktime, Windows 7, Windows Vista and 1 more 2025-04-11 N/A
Buffer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with FLC encoding.
CVE-2011-3252 2 Apple, Microsoft 4 Itunes, Windows 7, Windows Vista and 1 more 2025-04-11 N/A
Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Advanced Audio Coding (AAC) stream.
CVE-2013-1961 2 Redhat, Remotesensing 2 Enterprise Linux, Libtiff 2025-04-11 N/A
Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file.
CVE-2013-0541 2 Ibm, Microsoft 2 Websphere Application Server, Windows 2025-04-11 N/A
Buffer overflow in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Windows, when a localOS registry is used in conjunction with WebSphere Identity Manger (WIM), allows local users to cause a denial of service (daemon crash) via unspecified vectors.
CVE-2011-3268 1 Php 1 Php 2025-04-11 N/A
Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483.
CVE-2012-5120 2 Google, Linux 3 Chrome, V8, Linux Kernel 2025-04-11 N/A
Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to an array.