CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1177 matches found

Prion•added 2008/04/30 12:10 a.m.•13 views

Code injection

BitDefender Antivirus 2008 20080118 and earlier allows local users to cause a denial of service system crash via an invalid pointer to the CLIENTID structure in a call to the NtOpenProcess hooked System Service Descriptor Table SSDT function...

4.9CVSS6.7AI score0.00374EPSS

Exploits1References9Affected Software1

Tenable Nessus•added 2008/03/19 12:0 a.m.•26 views

CentOS 3 : unzip (CESA-2008:0196)

Updated unzip packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The unzip utility is used to list, test, or extract files from a zip archive. An invalid pointer flaw was found in unzip. If a...

9.3CVSS6.1AI score0.0629EPSS

Exploits1References4

securityvulns•added 2008/03/18 12:0 a.m.•41 views

unzip code execution

Memory corruption with free with invalid pointer...

9.3CVSS3AI score0.0629EPSS

Exploits1References1Affected Software1

Prion•added 2007/10/29 7:46 p.m.•16 views

Design/Logic Flaw

ParseFTPList.cpp in Mozilla Firefox 2.0.0.7 allows remote FTP servers to cause a denial of service application crash via a crafted reply to an unspecified listing command, related to "reading from invalid pointer."...

4.3CVSS6.8AI score0.01129EPSS

Exploits0References6Affected Software1

Tenable Nessus•added 2007/09/14 12:0 a.m.•40 views

GLSA-200708-17 : Opera: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200708-17 Opera: Multiple vulnerabilities An error known as 'a virtual function call on an invalid pointer' has been discovered in the JavaScript engine CVE-2007-4367. Furthermore, iDefense Labs reported that an already-freed...

9.3CVSS6.2AI score0.08248EPSS

Exploits2References6

NVD•added 2007/08/20 6:17 p.m.•10 views

CVE-2007-4426

Live for Speed LFS S1 and S2 allows remote attackers to cause a denial of service server crash via 1 a certain 0x00 byte in a pre-login ID 3 packet, which triggers a NULL dereference; or 2 a pre-login ID 5 packet that lacks certain strings, which triggers an invalid pointer dereference...

5CVSS6.7AI score0.02602EPSS

Exploits0References8

Prion•added 2007/08/15 11:17 p.m.•15 views

Design/Logic Flaw

Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."...

9.3CVSS7.8AI score0.08248EPSS

Exploits1References10Affected Software1

Opera Security Advisories•added 2007/08/07 12:0 a.m.•12 views

a specially crafted JavaScript can make Opera execute arbitrary code

A virtual function call on an invalid pointer that may referencedata crafted by the attacker can be used to execute arbitrary code...

3.8AI score

Exploits0Affected Software1

Prion•added 2007/01/17 11:28 a.m.•20 views

Integer overflow

Integer overflow in the byteswapsbin function in bsd/ufs/ufs/ufsbyteorder.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service kernel panic by mounting a crafted Unix File System UFS DMG image, which triggers an invalid pointer dereference...

7.1CVSS7.3AI score0.03769EPSS

Exploits0References10Affected Software1

securityvulns•added 2007/01/11 12:0 a.m.•36 views

Microsoft Windows WMF invalid pointer dereference

Invalid pointer dereference in GDI on CreateBrushIndirect function...

2.9AI score

Exploits0References1

Prion•added 2006/04/25 1:2 a.m.•19 views

Design/Logic Flaw

mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service crash via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of code execution was originally theorized, but...

2.6CVSS7.3AI score0.40431EPSS

Exploits2References12Affected Software1

Cvelist•added 2006/04/25 1:0 a.m.•29 views

CVE-2006-1992

6.9AI score0.40431EPSS

Exploits2References12

UbuntuCve•added 2006/01/24 12:3 a.m.•24 views

CVE-2006-0321

fetchmail 6.3.0 and other versions before 6.3.2 allows remote attackers to cause a denial of service crash via crafted e-mail messages that cause a free of an invalid pointer when fetchmail bounces the message to the originator or local postmaster...

5CVSS5.9AI score0.03419EPSS

Exploits0References1

OSV•added 2006/01/24 12:3 a.m.•1 views

DEBIAN-CVE-2006-0321

5CVSS6.7AI score0.03419EPSS

Exploits0References1

NVD•added 2006/01/24 12:3 a.m.•30 views

CVE-2006-0321

5CVSS6.4AI score0.03419EPSS

Exploits0References17

Debian CVE•added 2006/01/24 12:0 a.m.•27 views

CVE-2006-0321

5CVSS6.1AI score0.03419EPSS

Exploits0

FreeBSD•added 2006/01/22 12:0 a.m.•23 views

fetchmail -- crash when bouncing a message

Matthias Andree reports: Fetchmail contains a bug that causes itself to crash when bouncing a message to the originator or to the local postmaster. The crash happens after the bounce message has been sent, when fetchmail tries to free the dynamic array of failed addresses, and calls the free...

5CVSS6.5AI score0.03419EPSS

Exploits0References2

UbuntuCve•added 2005/10/27 10:2 a.m.•26 views

CVE-2005-3249

Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to 0.10.12 allows remote attackers to cause a denial of service or corrupt memory via unknown vectors that cause Ethereal to free an invalid pointer...

6.4CVSS6AI score0.02694EPSS

Exploits0References1

NVD•added 2005/10/27 10:2 a.m.•22 views

CVE-2005-3249

6.4CVSS6.4AI score0.02694EPSS

Exploits0References15