CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

222 matches found

Prion•added 2013/02/02 12:55 a.m.•14 views

Deserialization of untrusted data

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information...

5CVSS6AI score0.04875EPSS

Exploits0References26Affected Software2

Prion•added 2012/03/21 10:11 a.m.•20 views

Design/Logic Flaw

The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal aka Cat QuickHeal 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900,...

4.3CVSS7AI score0.97903EPSS

Exploits0References4Affected Software10

NVD•added 2011/12/22 3:29 p.m.•12 views

CVE-2011-4037

Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file...

9.3CVSS7.8AI score0.04713EPSS

Exploits0References3

OSV•added 2011/03/31 10:55 p.m.•1 views

DEBIAN-CVE-2011-1174

manager.c in Asterisk Open Source 1.6.1.x before 1.6.1.24, 1.6.2.x before 1.6.2.17.2, and 1.8.x before 1.8.3.2 allows remote attackers to cause a denial of service CPU and memory consumption via a series of manager sessions involving invalid data...

5CVSS6.4AI score0.02724EPSS

Exploits0References1

ATTACKERKB•added 2010/10/18 5:0 p.m.•1 views

CVE-2009-5005

The Cluster::deliveredEvent function in cluster/Cluster.cpp in Apache Qpid, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote attackers to cause a denial of service daemon crash and cluster outage via invalid AMQP data...

5CVSS5.6AI score0.05927EPSS

Exploits0References8

RedHat Linux•added 2010/10/14 4:9 p.m.•2 views

qpid: crash on receipt of invalid AMQP data

5CVSS5.9AI score0.05927EPSS

Exploits0References4

OpenVAS•added 2010/07/22 12:0 a.m.•17 views

FreeBSD Ports: bogofilter

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5CVSS6.3AI score0.03441EPSS

Exploits0References2

Tenable Nessus•added 2009/05/06 12:0 a.m.•41 views

Debian DSA-1790-1 : xpdf - multiple vulnerabilities

Several vulnerabilities have been identified in xpdf, a suite of tools for viewing and converting Portable Document Format PDF files. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0146 Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2...

10CVSS6.1AI score0.07347EPSS

Exploits1References24

RedHat Linux•added 2009/04/30 8:55 p.m.•0 views

PDF JBIG2 invalid free()

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data...

6.8CVSS6.2AI score0.05411EPSS

Exploits1References4

UbuntuCve•added 2009/04/23 12:0 a.m.•30 views

CVE-2009-1180

6.8CVSS6.1AI score0.05411EPSS

Exploits1References3

securityvulns•added 2008/03/13 12:0 a.m.•18 views

Zabbix DoS

Invalid data to TCP/10050 приводят к отказу службы...

1AI score

Exploits0References1

Prion•added 2008/02/21 7:44 p.m.•12 views

Code injection

Unspecified vulnerability in the SEWB3 messaging service in Hitachi SEWB3/PLATFORM and SEWB3/MI-PLATFORM 01-00 through 02-14-/A allows remote attackers to cause a denial of service service outage via "invalid data."...

4.3CVSS7.2AI score0.01189EPSS

Exploits0References4Affected Software2

UbuntuCve•added 2007/04/24 5:19 p.m.•22 views

CVE-2007-2195

aMSN aka Alvaro's Messenger 0.96 and earlier allows remote attackers to cause a denial of service application crash by sending invalid data to TCP port 31337...

5CVSS5.9AI score0.03338EPSS

Exploits1References1

Prion•added 2007/03/16 10:19 p.m.•22 views

Design/Logic Flaw

The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.1.7, and possibly other products using symevent.sys 12.0.0.20, allows local users to cause a denial of service system crash via invalid data, as demonstrated by calling DeviceIoControl to send the data, a reintroduction of...

4.9CVSS6.5AI score0.01285EPSS

Exploits2References3Affected Software1

securityvulns•added 2007/01/10 12:0 a.m.•50 views

Cisco UCC / IPCC JTapi DoS

Service restart on invalid data received through TCP port...

5CVSS1.7AI score0.01653EPSS

Exploits0References1

Tenable Nessus•added 2005/07/20 12:0 a.m.•40 views

SUSE-SA:2005:039: zlib

The remote host is missing the patch for the advisory SUSE-SA:2005:039 zlib. A denial of service condition was fixed in the zlib library. Any program using zlib to decompress data can be crashed by a specially handcrafted invalid data stream. This includes web browsers or email programs able to...

7.5CVSS8.1AI score0.05476EPSS

Exploits3References1

NVD•added 2004/02/17 5:0 a.m.•18 views

CVE-2003-1029

The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service infinite loop and memory consumption via a packet with invalid data to UDP port 1701, which causes l2tpavpprint to use a bad length value when calling printoctets...

5CVSS6.3AI score0.0992EPSS

Exploits0References12

OSV•added 2004/02/17 5:0 a.m.•1 views

DEBIAN-CVE-2003-1029

5CVSS6.9AI score0.0992EPSS

Exploits0References1