Export limit exceeded: 41610 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (41610 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-5571 | 1 Hmailserver | 1 Hmailserver | 2024-11-21 | 5.9 Medium |
| HMailServer 5.3.x and prior: Memory Corruption which could cause DOS | ||||
| CVE-2013-4743 | 1 Static Http Server Project | 1 Static Http Server | 2024-11-21 | 9.8 Critical |
| Static HTTP Server 1.0 has a Local Overflow | ||||
| CVE-2013-4536 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2024-11-21 | 7.8 High |
| An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. | ||||
| CVE-2013-4535 | 2 Qemu, Redhat | 8 Qemu, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-11-21 | 8.8 High |
| The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read. | ||||
| CVE-2013-4532 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2024-11-21 | 7.8 High |
| Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. | ||||
| CVE-2013-4357 | 5 Canonical, Debian, Eglibc and 2 more | 5 Ubuntu Linux, Debian Linux, Eglibc and 2 more | 2024-11-21 | 7.5 High |
| The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. | ||||
| CVE-2013-3947 | 1 Ahnlab | 1 V3 Internet Security | 2024-11-21 | N/A |
| Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 (Build 1373) allows local users to gain privileges via a crafted 0xA3350014 IOCTL call. | ||||
| CVE-2013-3553 | 1 Nitropdf | 2 Nitro Pro, Nitro Reader | 2024-11-21 | N/A |
| Nitro Pro 7.5.0.22 and earlier and Nitro Reader 2.5.0.36 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file. | ||||
| CVE-2013-3552 | 1 Nitropdf | 2 Nitro Pro, Nitro Reader | 2024-11-21 | N/A |
| Nitro Pro 7.5.0.29 and earlier and Nitro Reader 2.5.0.45 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file. | ||||
| CVE-2013-3493 | 1 Xnview | 1 Xnview | 2024-11-21 | 9.8 Critical |
| XnView 2.03 has an integer overflow vulnerability | ||||
| CVE-2013-3489 | 1 Mpc-hc | 1 Mpc-hc | 2024-11-21 | 7.8 High |
| Buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0 allows remote attackers to execute arbitrary code via a crafted RealMedia .rm file | ||||
| CVE-2013-3488 | 1 Mpc-hc | 1 Mpc-hc | 2024-11-21 | 7.8 High |
| Stack-based buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0.7858 allows remote attackers to execute arbitrary code via a crafted MPEG-2 Transport Stream (M2TS) file. | ||||
| CVE-2013-3486 | 1 Irfanview | 1 Flashpix Plugin | 2024-11-21 | 9.6 Critical |
| IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow Vulnerability | ||||
| CVE-2013-2807 | 1 Rockwellautomation | 1 Rslinx Enterprise | 2024-11-21 | N/A |
| Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it calculates an incorrect value for the “Total Record Size” field. By sending a datagram to the service over Port 4444/UDP with the “Record Data Size” field modified to a specifically oversized value, the service will calculate an undersized value for the “Total Record Size” that will cause an out-of-bounds read access violation that leads to a service crash. The service can be recovered with a manual reboot. The patches and details pertaining to these vulnerabilities can be found at the following Rockwell Automation Security Advisory link (login is required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599 | ||||
| CVE-2013-2806 | 1 Rockwellautomation | 1 Rslinx Enterprise | 2024-11-21 | N/A |
| Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it calculates an incorrect value for the “End of Current Record” field. By sending a datagram to the service over Port 4444/UDP with the “Record Data Size” field modified to a specifically oversized value, the service will calculate an undersized value for the “Total Record Size.” Then the service will calculate an incorrect value for the “End of Current Record” field causing access violations that lead to a service crash. The service can be recovered with a manual reboot. The patches and details pertaining to these vulnerabilities can be found at the following Rockwell Automation security advisory link (login is required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599 | ||||
| CVE-2013-2805 | 1 Rockwellautomation | 1 Rslinx Enterprise | 2024-11-21 | N/A |
| Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 does not handle input correctly and results in a logic error if it receives a datagram with an incorrect value in the “Record Data Size” field. By sending a datagram to the service over Port 4444/UDP with the “Record Data Size” field modified to an oversized value, an attacker could cause an out-of-bounds read access violation that leads to a service crash. The service can be recovered with a manual reboot. The patches and details pertaining to this vulnerability can be found at the following Rockwell Automation Security Advisory link (login is required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599 | ||||
| CVE-2013-2739 | 2 Debian, Readymedia Project | 2 Debian Linux, Readymedia | 2024-11-21 | 9.8 Critical |
| MiniDLNA has heap-based buffer overflow | ||||
| CVE-2013-2682 | 1 Cisco | 2 Linksys E4200, Linksys E4200 Firmware | 2024-11-21 | 4.3 Medium |
| Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information. | ||||
| CVE-2013-2675 | 1 Brother | 2 Mfc-9970cdw, Mfc-9970cdw Firmware | 2024-11-21 | 6.5 Medium |
| Brother MFC-9970CDW 1.10 devices with Firmware L contain a Frameable response (Clickjacking) vulnerability which could allow remote attackers to obtain sensitive information. | ||||
| CVE-2013-2075 | 1 Call-cc | 1 Chicken | 2024-11-21 | 8.8 High |
| Multiple buffer overflows in the (1) R5RS char-ready, (2) tcp-accept-ready, and (3) file-select procedures in Chicken through 4.8.0.3 allows attackers to cause a denial of service (crash) by opening a file descriptor with a large integer value. NOTE: this issue exists because of an incomplete fix for CVE-2012-6122. | ||||