Code injection

Unspecified vulnerability in War FTP Daemon warftpd 1.82, when running as a Windows service, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors related to log messages and the "internal log handler to the Windows Event log."...

Adobe Flash Player Multiple Vulnerabilities - 01 (Apr 2014) - Windows

Adobe Flash Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:flashplayer";...

CVE-2014-0506

Technical details about CVE-2014-0506 are not publicly provided in the supplied documents. The sources reference the vulnerability but do not include specifics on impact, affected products beyond Flash Player/AIR, or remediation. Monitor for updates.

CVE-2014-0510

Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Zeguang Zhao and Liang Chen during a Pwn2Own competition at CanSecWest 2014...

CVE-2014-0506

Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remo...

CVE-2014-2523

CVE-2014-2523 applies to the Linux kernel code path net/netfilter/nf_conntrack_proto_dccp.c up to version 3.13.6. The vulnerability arises from incorrect handling of a DCCP header pointer, which could allow remote attackers to cause a system crash ( denial of service ) or potentially execute arbi...

CVE-2014-2523

net/netfilter/nfconntrackprotodccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service system crash or possibly execute arbitrary code via a DCCP packet that triggers a call to the 1 dccpnew, 2 dccppacket, or 3...

CVE-2014-1493

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary cod...

Memory corruption

WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293...

Memory corruption

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a certain sequence of manipulations of a TextRange element, aka "Internet Explorer Memory Corruption Vulnerability."...

CVE-2014-0307

CVE-2014-0307 is a use-after-free vulnerability in Microsoft Internet Explorer 9—triggered by a sequence of manipulations of a TextRange object, enabling remote code execution or memory corruption. The connected sources confirm this is tied to the MS14-012 bulletin and specifically affect Interne...

CVE-2014-0307

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a certain sequence of manipulations of a TextRange element, aka "Internet Explorer Memory Corruption Vulnerability."...

Microsoft Internet Explorer CVE-2014-0312 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability due to a use-after-free condition. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies...

CVE-2014-0004

Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service crash and possibly execute arbitrary code via a long mount point...

Debian DSA-2870-1 : libyaml-libyaml-perl - heap-based buffer overflow

Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially crafted tag that, when parsed by an application using libyaml, would cause the...

CVE-2014-2013

Stack-based buffer overflow in the xpsparsecolor function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element...

Stack overflow

Stack-based buffer overflow in the xpsparsecolor function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element...

FreeBSD : Python -- buffer overflow in socket.recvfrom_into() (8e5e6d42-a0fa-11e3-b09a-080027f2d077)

Vincent Danen via Red Hat Issue Tracker reports : A vulnerability was reported in Python's socket module, due to a boundary error within the sockrecvfrominto function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the...

Buffer overflow

Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted clef atom in a movie file...

Memory corruption

QuickLook in Apple OS X through 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted Microsoft Office document...