Export limit exceeded: 17848 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15523 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-2154 | 1 Apache | 1 Xml Security For C\+\+ | 2025-04-11 | N/A |
| Stack-based buffer overflow in the XML Signature Reference functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed XPointer expressions, probably related to the DSIGReference::getURIBaseTXFM function. | ||||
| CVE-2013-2156 | 1 Apache | 1 Xml Security For C\+\+ | 2025-04-11 | N/A |
| Heap-based buffer overflow in the Exclusive Canonicalization functionality (xsec/canon/XSECC14n20010315.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PrefixList attribute. | ||||
| CVE-2013-2210 | 1 Apache | 1 Xml Security For C\+\+ | 2025-04-11 | N/A |
| Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed XPointer expressions. NOTE: this is due to an incorrect fix for CVE-2013-2154. | ||||
| CVE-2013-2212 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service (CPU consumption and possibly hypervisor or guest kernel panic) via a crafted GFN range. | ||||
| CVE-2013-2220 | 2 Php, Radius Extension Project | 2 Php, Radius | 2025-04-11 | N/A |
| Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value. | ||||
| CVE-2013-2223 | 1 Wernerd | 1 Zrtpcpp | 2025-04-11 | N/A |
| GNU ZRTPCPP before 3.2.0 allows remote attackers to obtain sensitive information (uninitialized heap memory) or cause a denial of service (out-of-bounds read) via a crafted packet, as demonstrated by a truncated Ping packet that is not properly handled by the getEpHash function. | ||||
| CVE-2013-2234 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-11 | N/A |
| The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions in net/key/af_key.c in the Linux kernel before 3.10 do not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by reading a broadcast message from the notify interface of an IPSec key_socket. | ||||
| CVE-2013-2236 | 2 Quagga, Redhat | 2 Quagga, Enterprise Linux | 2025-04-11 | N/A |
| Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA. | ||||
| CVE-2013-2238 | 1 Freeswitch | 1 Freeswitch | 2025-04-11 | N/A |
| Multiple buffer overflows in the switch_perform_substitution function in switch_regex.c in FreeSWITCH 1.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the index and substituted variables. | ||||
| CVE-2013-2266 | 2 Isc, Redhat | 2 Bind, Enterprise Linux | 2025-04-11 | N/A |
| libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process. | ||||
| CVE-2012-0043 | 1 Wireshark | 1 Wireshark | 2025-04-11 | N/A |
| Buffer overflow in the reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a series of fragmented RLC packets. | ||||
| CVE-2013-2477 | 2 Opensuse, Wireshark | 2 Opensuse, Wireshark | 2025-04-11 | N/A |
| The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||||
| CVE-2013-2492 | 2 Firebirdsql, Microsoft | 2 Firebird, Windows | 2025-04-11 | N/A |
| Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information. | ||||
| CVE-2013-2493 | 1 Google | 1 Chrome Frame | 2025-04-11 | N/A |
| The Hook_Terminate function in chrome_frame/protocol_sink_wrap.cc in the Google Chrome Frame plugin before 26.0.1410.28 for Internet Explorer does not properly handle attach tab requests, which allows user-assisted remote attackers to cause a denial of service (application crash) via an _blank value for the target attribute of an A element. | ||||
| CVE-2013-2494 | 1 Isc | 1 Dhcp | 2025-04-11 | N/A |
| libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to cause a denial of service (memory consumption) via vectors involving a regular expression, as demonstrated by a memory-exhaustion attack against a machine running a dhcpd process, a related issue to CVE-2013-2266. | ||||
| CVE-2013-2496 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The msrle_decode_8_16_24_32 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not properly determine certain end pointers, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted Microsoft RLE data. | ||||
| CVE-2013-2557 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | N/A |
| The sandbox protection mechanism in Microsoft Internet Explorer 9 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, as demonstrated against Adobe Flash Player by VUPEN during a Pwn2Own competition at CanSecWest 2013. | ||||
| CVE-2013-2577 | 1 Xnview | 1 Xnview | 2025-04-11 | N/A |
| Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file. | ||||
| CVE-2013-2688 | 1 Blackberry | 2 Qnx Neutrino Rtos, Qnx Software Development Platform | 2025-04-11 | N/A |
| Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file. | ||||
| CVE-2013-2691 | 1 Jetaudio | 1 Jetaudio | 2025-04-11 | N/A |
| Stack-based buffer overflow in the JetMPG.ax module in jetAudio 8.0.17 allows remote attackers to execute arbitrary code via a crafted MPEG2-TS video file, related to the MPEG2 transport stream. | ||||