Export limit exceeded: 15969 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (15969 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-1750 1 Realnetworks 2 Realplayer, Realplayer Sp 2025-04-11 N/A
Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file.
CVE-2013-1845 3 Apache, Opensuse, Redhat 3 Subversion, Opensuse, Enterprise Linux 2025-04-11 N/A
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory.
CVE-2013-1846 3 Apache, Opensuse, Redhat 3 Subversion, Opensuse, Enterprise Linux 2025-04-11 N/A
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL.
CVE-2013-1860 3 Canonical, Linux, Redhat 4 Ubuntu Linux, Linux Kernel, Enterprise Linux and 1 more 2025-04-11 N/A
Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted cdc-wdm USB device.
CVE-2013-1861 7 Canonical, Debian, Mariadb and 4 more 9 Ubuntu Linux, Debian Linux, Mariadb and 6 more 2025-04-11 N/A
MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
CVE-2013-1868 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser.
CVE-2013-1943 3 Canonical, Linux, Redhat 4 Ubuntu Linux, Linux Kernel, Enterprise Linux and 1 more 2025-04-11 7.8 High
The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted application, related to arch/x86/kvm/paging_tmpl.h and virt/kvm/kvm_main.c.
CVE-2013-1954 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ASF movie that triggers an out-of-bounds read.
CVE-2013-1960 2 Redhat, Remotesensing 2 Enterprise Linux, Libtiff 2025-04-11 N/A
Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.
CVE-2013-1961 2 Redhat, Remotesensing 2 Enterprise Linux, Libtiff 2025-04-11 N/A
Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file.
CVE-2013-1980 1 Extended Module Player Project 1 Extended Module Player 2025-04-11 N/A
Buffer overflow in the get_dsmp function in loaders/masi_load.c in libxmp before 4.1.0 allows remote attackers to execute arbitrary code via a crafted MASI file.
CVE-2013-1995 2 Redhat, X.org 2 Enterprise Linux, Libxi 2025-04-11 N/A
X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function.
CVE-2013-2127 1 Libraw 1 Libraw 2025-04-11 N/A
Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
CVE-2013-2576 1 B-e-soft 1 Artweaver 2025-04-11 N/A
Buffer overflow in Artweaver before 3.1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AWD file.
CVE-2013-2139 4 Cisco, Fedoraproject, Opensuse and 1 more 4 Libsrtp, Fedora, Opensuse and 1 more 2025-04-11 N/A
Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions.
CVE-2011-0314 1 Ibm 1 Websphere Mq 2025-04-11 N/A
Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 allows remote authenticated users to execute arbitrary code or cause a denial of service (queue manager crash) by inserting an invalid message into the queue.
CVE-2013-2156 1 Apache 1 Xml Security For C\+\+ 2025-04-11 N/A
Heap-based buffer overflow in the Exclusive Canonicalization functionality (xsec/canon/XSECC14n20010315.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PrefixList attribute.
CVE-2013-2577 1 Xnview 1 Xnview 2025-04-11 N/A
Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file.
CVE-2013-2492 2 Firebirdsql, Microsoft 2 Firebird, Windows 2025-04-11 N/A
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
CVE-2013-2493 1 Google 1 Chrome Frame 2025-04-11 N/A
The Hook_Terminate function in chrome_frame/protocol_sink_wrap.cc in the Google Chrome Frame plugin before 26.0.1410.28 for Internet Explorer does not properly handle attach tab requests, which allows user-assisted remote attackers to cause a denial of service (application crash) via an _blank value for the target attribute of an A element.