Stack overflow

Multiple stack-based buffer overflows in Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via two unspecified ActiveX controls...

CVE-2011-2959

Stack-based buffer overflow in the Open Database Connectivity ODBC service Odbcixv9se.exe in 7-Technologies Interactive Graphical SCADA System IGSS 9 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted packet to TCP port 22202...

CVE-2011-2587

Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Real Media file...

CVE-2011-2587

Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Real Media file...

CVE-2011-0232

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1...

CVE-2011-1774

WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted web site. NOTE: this may overlap CVE-2011-1425...

CVE-2010-1383

CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a "credential reflection" issue...

CVE-2011-0548

Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security SMS 6.x through 8.x, Symantec Brightmail and Messaging Gateway before 9.5.1, and Symantec Data Loss Prevention DLP before 10.5.3 and 11.x before 11.1, allows remote attackers to...

CVE-2011-2364

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors, a different vulnerability than...

CVE-2011-2377

Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a multipart/x-mixed-replace image...

CVE-2011-0085

Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via a crafted XUL document that dequeues the current command updater...

Design/Logic Flaw

Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...

CVE-2011-2373

Use-after-free vulnerability in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14, when JavaScript is disabled, allows remote attackers to execute arbitrary code via a crafted XUL document...

CVE-2011-2376

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

CVE-2011-2363

CVE-2011-2363 is a use-after-free vulnerability in the nsSVGPointList::AppendElement function affecting Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14. It can cause application crashes or possibly allow arbitrary code execution via vectors involving a user-...

CVE-2011-2194

Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow...

CVE-2011-0209

Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted RIFF WAV file...

CVE-2011-2365

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors, a different vulnerability than...

CVE-2011-0083

Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...

CVE-2011-2377

Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a multipart/x-mixed-replace image...