Export limit exceeded: 47133 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (3295 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-2480 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2025-04-11 N/A
The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2012-2038 8 Adobe, Apple, Google and 5 more 14 Air, Flash Player, Macos and 11 more 2025-04-11 N/A
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
CVE-2012-2037 8 Adobe, Apple, Google and 5 more 14 Air, Flash Player, Macos and 11 more 2025-04-11 N/A
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034.
CVE-2013-2479 2 Opensuse, Wireshark 2 Opensuse, Wireshark 2025-04-11 N/A
The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data.
CVE-2012-2035 8 Adobe, Apple, Google and 5 more 14 Air, Flash Player, Macos and 11 more 2025-04-11 N/A
Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.
CVE-2013-2217 3 Jeff Ortel, Opensuse, Redhat 3 Suds, Opensuse, Enterprise Linux 2025-04-11 N/A
cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/.
CVE-2013-2191 3 Fedoraproject, Opensuse, Python Bugzilla Project 3 Fedora, Opensuse, Python-bugzilla 2025-04-11 N/A
python-bugzilla before 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof Bugzilla servers via a crafted certificate.
CVE-2013-2190 2 Clutter Project, Opensuse 2 Clutter, Opensuse 2025-04-11 N/A
The translate_hierarchy_event function in x11/clutter-device-manager-xi2.c in Clutter, when resuming the system, does not properly handle XIQueryDevice errors when a device has "disappeared," which causes the gnome-shell to crash and allows physically proximate attackers to access the previous gnome-shell session via unspecified vectors.
CVE-2013-2174 4 Canonical, Haxx, Opensuse and 1 more 5 Ubuntu Linux, Curl, Libcurl and 2 more 2025-04-11 N/A
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character.
CVE-2012-2036 8 Adobe, Apple, Google and 5 more 14 Air, Flash Player, Macos and 11 more 2025-04-11 N/A
Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.
CVE-2010-3702 9 Apple, Canonical, Debian and 6 more 12 Cups, Ubuntu Linux, Debian Linux and 9 more 2025-04-11 N/A
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.
CVE-2013-2168 2 Freedesktop, Opensuse 2 Dbus, Opensuse 2025-04-11 N/A
The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message.
CVE-2013-2161 3 Openstack, Opensuse, Redhat 5 Folsom, Grizzly, Havana and 2 more 2025-04-11 N/A
XML injection vulnerability in account/utils.py in OpenStack Swift Folsom, Grizzly, and Havana allows attackers to trigger invalid or spoofed Swift responses via an account name.
CVE-2012-2040 7 Adobe, Apple, Google and 4 more 8 Air, Flash Player, Macos and 5 more 2025-04-11 N/A
Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory.
CVE-2013-2139 4 Cisco, Fedoraproject, Opensuse and 1 more 4 Libsrtp, Fedora, Opensuse and 1 more 2025-04-11 N/A
Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions.
CVE-2013-2132 4 Canonical, Mongodb, Opensuse and 1 more 4 Ubuntu Linux, Mongodb, Opensuse and 1 more 2025-04-11 N/A
bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef."
CVE-2010-3442 7 Canonical, Debian, Fedoraproject and 4 more 11 Ubuntu Linux, Debian Linux, Fedora and 8 more 2025-04-11 N/A
Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call.
CVE-2013-2126 3 Canonical, Libraw, Opensuse 3 Ubuntu Linux, Libraw, Opensuse 2025-04-11 N/A
Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.
CVE-2013-2112 5 Apache, Canonical, Collabnet and 2 more 5 Subversion, Ubuntu Linux, Subversion and 2 more 2025-04-11 N/A
The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.
CVE-2012-1976 5 Canonical, Mozilla, Opensuse and 2 more 15 Ubuntu Linux, Firefox, Seamonkey and 12 more 2025-04-11 N/A
Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.