CWE:
 

Topic
Date
Author
Med.
WordPress 3.6.1 PHP unserialization & Open Redirect & Privilege Escalation
12.09.2013
Andrew Nacin
Low
SmartSniff DLL Hijacking Exploit (wpcap.dll)
17.09.2012
anT!-Tr0J4n
Low
SEasyOfficeRecovery DLL Hijacking Exploit (dwmapi.dll)
17.09.2012
anT!-Tr0J4n
Med.
Google Chrome pkcs11.txt File Planting
03.11.2011
acros
Med.
VMware ESXi and ESX updates to third party libraries and ESX Service Console
26.10.2011
VMware Security Team
Med.
ibm db2 9.7 Exploiting the linker
26.10.2011
Tim Brown
High
linux kernel 2.6.39 cred->user_ns in key_replace_session_keyring
13.09.2011
Robert Swiecki
Low
linux kernel 2.6.38 related to O_DIRECT crash
07.09.2011
Ben Greear
Med.
multiple functions null pointer dereference upon parameters injection
16.05.2011
Advisories Toucan-Syst...
High
kadmind invalid pointer free()
18.04.2011
Tom Yu
Low
libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)
18.03.2011
Maksymilian Arciemowic...
Med.
Plaintext injection in STARTTLS (multiple implementations)
18.03.2011
Wietse Venema
Med.
RealNetworks Real Player Predictable Temporary File Remote Code Execution Vulnerability
22.02.2011
Eduardo
Med.
PHP 5.3.5 grapheme_extract() NULL Pointer Dereference
17.02.2011
Maksymilian Arciemowic...
Med.
KDC denial of service attacks
12.02.2011
Tom Yu
Low
Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys <= 2011.1.13.89 Local Kernel
22.01.2011
th_decoder 126 com
High
Multiple Vendors (Internet Explorer, Mozilla etc) remote code execution
12.01.2011
Michal Zalewski
High
ImgBurn 2.4.0.0 DLL Hijack
06.01.2011
d3c0der
Med.
Apache Insecure mod_rewrite PCRE Resource Exhaustion
21.12.2010
Maksymilian Arciemowic...
Med.
Orbis CMS 1.0.2 Arbitrary File Upload Vulnerability
07.12.2010
Mark Stanislav
Med.
Vtiger CRM 5.2.0 Multiple Vulnerabilities
30.11.2010
ascii
High
Linux Kernel 'sctp_outq_flush()' Denial of Service Vulnerability
25.11.2010
Thomas Dreibholz
Med.
Mono 'loader.c' Library Loading Local Privilege Escalation Vulnerability
20.11.2010
Richard Brooksby
Med.
VideoCharge Studio DLL Hijacking Exploit (dwmapi.dll, quserex.dll)
23.09.2010
anT!-Tr0J4n
Low
Microsoft Word 2003 MSO Null Pointer Dereference Vulnerability
22.09.2010
Aditya K Sood
High
PGP Desktop version 9.10.x-10.0.0 Insecure DLL Hijacking Vulnerability
17.09.2010
YGN Ethical Hacker Gro...
Med.
Tortoise SVN 1.6.10 build 19898 the Windows DLL hijacking vulnerability.
01.09.2010
Nikhil Mittal
High
TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)
27.08.2010
glafkos astalavista co...
High
Remote Binary Planting in Apple iTunes for Windows
24.08.2010
Mitja Kolsek
Med.
OpenSSL "ssl3_get_key_exchange()" Use-after-free Vulnerability
20.08.2010
Georgi Guninski
Low
LibTIFF 'td_stripbytecount' NULL Pointer Dereference Remote Denial of Service
10.08.2010
Tomas Hoger
Med.
KVIrc Failed DCC Handshake Notification Command Injection Vulnerability
04.08.2010
unic0rn
Med.
Apache HTTP Server 2.2.16 Released multiple vulnerabilities
30.07.2010
Paul Querna <pquern...
Med.
Windows Vista/Server 2008 NtUserCheckAccessForIntegrityLevel Vulnerability
05.07.2010
hushmail
Med.
TCExam 10.1.007 Arbitrary Upload
07.06.2010
Jjohn Leitch
Med.
GSS-API lib null pointer deref
24.05.2010
Tom Yu
Med.
IBM Datapower XS40 Denial of Service
03.05.2010
Erik
Med.
e107 Avatar/Photograph Image File Upload Vulnerability
22.04.2010
Secunia Research
Med.
Irssi Denial of Service and SSL Hostname Verification Security Bypass Vulnerabilities
19.04.2010
vendor
Med.
Lexmark Multiple Laser printer FTP Remote Denial of Services
26.03.2010
Francis Provencher
Med.
Safari 4.0.4 (531.21.10) - Stack Overflow/run
07.03.2010
John Cobb
High
DATEV ActiveX Control remote command execution
02.03.2010
NSO Research
Med.
Linux Kernel 64bit Personality Handling Local Denial of Service Vulnerability
19.02.2010
Mathias Krause
Med.
PHP 5.2.12/5.3.1 session.save_path safe_mode and open_basedir bypass
12.02.2010
Grzegorz Stachowiak
High
Internet Explorer Dynamic OBJECT tag and URLMON sniffing vulnerabilities
07.02.2010
Core
Med.
Windows Live Messenger 2009 ActiveX DoS Vulnerability
14.01.2010
hackattack
Med.
Cherokee Web Server 0.5.4 Denial Of Service
08.01.2010
usman
Med.
Zen Cart local file disclosure vulnerability
16.12.2009
Bogdan Calin
Med.
Cisco VPN Client Integer overflow (DOS) Proof Of Concept Code
03.12.2009
alt3kx
Med.
RTP s800i 1.3.0.4 Remote Crash Vulnerability
03.12.2009
Asterisk Security Team
Med.
PHP 5.3.0 "multipart/form-data" denial of service
27.11.2009
Bogdan Calin
Low
OpenX 2.8.1 remote code execution
26.11.2009
null
Low
Xerver 4.32 HTTP response splitting vulnerability
24.11.2009
sasquatch
Low
XM Easy Personal FTP Server Remote Denial of Service Vulnerability
24.11.2009
zhangmc
Med.
DoS vulnerability in Internet Explorer
20.11.2009
MustLive
Med.
DoS vulnerability in Internet Explorer
18.11.2009
MustLive
High
Windows 7 and Windows Server 2008 remote dos
17.11.2009
Laurent Gaffi
Med.
Invalid #PF Exception Code in VMware can result in Guest Privilege Escalation
04.11.2009
Tavis Ormandy and Ju...
Low
SharePoint 2007 ASP.NET Source Code Disclosure
03.11.2009
Daniel Martin
Med.
Snort 2.8.5.1 multiple vulnerabilities
30.10.2009
Laurent Gaffi
Low
GPG2/Kleopatra 2.0.11 - Malformed Certificate Crash PoC
29.10.2009
Dr_IDE
Med.
Websense Email Security v7.1 Web Administrator DoS
24.10.2009
NSO Research
High
PHP 5.2.11 libgd multiple vulnerabilities
22.10.2009
Tomas Hoger
Med.
Innovation Data Processing FDR Port Scan DoS
21.10.2009
Anonymous
Low
Missing initializations in dumped data
21.10.2009
Patrick McHardy & Davi...
High
Piwik Build 1357 2009-08-02 remote file upload vulnerability
20.10.2009
Braeden Thomas
Med.
ZoIPer v2.22 Call-Info Remote Denial Of Service
19.10.2009
Tomer Bitton
Med.
FileCOPA FTP Server Version 5.01 Remote DoS Exploit
12.10.2009
null
Low
OpenBSD patch: XMM exceptions incorrectly handled in i386 kernel
08.10.2009
Slava Pestov
Med.
XM Easy Personal FTP server 5.8 remote denial of service
03.10.2009
PLATEN
Med.
Half-Life CSTRIKE Server 1.6 Denial of Service Exploit (no-steam)
16.09.2009
Maxim Suhanov
Med.
Telephone Directory 2008 Arbitrary Delete Contact Exploit
08.09.2009
Stack
Med.
Eye-Fi 1.1.2 Multiple Vulnerabilities
02.09.2009
Seth Fogie (seth airsc...
High
MS Windows 2003 (EOT File) BSOD Crash Exploit
02.09.2009
webDEViL
Med.
Google Chrome Browser 0.2.149.27 Inspect Element DoS Exploit
25.08.2009
Metacortex
Med.
fhttpd 0.4.2 un64() Remote Denial of Service Exploit
24.08.2009
Jeremy Brown
Med.
aspWebAlbum 3.2 (Upload/SQL/XSS) Multiple Remote Vulnerabilities
20.08.2009
null
Med.
MS Internet Explorer 8.0.7100.0 Simple HTML Remote Crash PoC
17.08.2009
schnuddelbuddel
High
Chilkat Socket activex 2.3.1.1 Remote Arbitrary File Creation Exploit
14.08.2009
Underz0ne Crew
High
Exodus 0.10 (uri handler) Arbitrary Parameter Injection Exploit
13.08.2009
Nine:Situations:Group:...
Med.
BGP 4-byte ASN bug fixes
08.05.2009
Chris Caputo
Med.
FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit
31.01.2009
Houssamix
Med.
Siemens C450IP/C475IP DoS
25.11.2008
Martin Kluge
High
db Software Laboratory VImpX (VImpX.ocx) Multiple Vulnerabilities
29.10.2008
shinnai
High
Peachtree Accounting 2004 (PAWWeb11.ocx) ActiveX Insecure Method
23.10.2008
Jeremy Brown
High
Chilkat FTP ActiveX 2.0 (ChilkatCert.dll) Insecure Method Exploit
21.10.2008
darkl0rd
High
Macrovision FlexNet isusweb.dll DownloadAndExecute Method Exploit
19.10.2008
e.b.
Med.
Chilkat Mail ActiveX 7.8 (ChilkatCert.dll) Insecure Method Exploit
19.10.2008
anon
High
Macrovision FlexNet DownloadManager Insecure Methods Exploit
18.10.2008
e.b.
High
sctp: fix potential panics in the SCTP-AUTH API.
04.09.2008
Vlad Yasevich
High
Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities
28.06.2008
BugReport.ir
Med.
Server freezed in Skulltag 0.97d2-RC2
17.06.2008
Luigi Auriemma
Med.
Nucleus CMS <= 3.22 arbitrary remote inclusion
27.05.2006
rgod


CVEMAP Search Results

CVE
Details
Description
2017-04-13
High
CVE-2016-4970
Vendor: Netty project
Software: Netty
handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).

2017-04-10
Medium
CVE-2017-7619
Vendor: Imagemagick
Software: Imagemagick
In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. This affects ModulateHSL, ModulateHCL, ModulateHCLp, ModulateHSB, ModulateHSI, ModulateHSV, ModulateHWB, ModulateLCHab, and ModulateLCHuv.

2017-03-23
Low
CVE-2016-9388
Vendor: Jasper project
Software: Jasper
The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.

Medium
CVE-2016-9389
Vendor: Jasper project
Software: Jasper
The jpc_irct and jpc_iict functions in jpc_mct.c in JasPer before 1.900.14 allow remote attackers to cause a denial of service (assertion failure).

Medium
CVE-2016-9391
Vendor: Jasper project
Software: Jasper
The jpc_bitstream_getbits function in jpc_bs.c in JasPer before 2.0.10 allows remote attackers to cause a denial of service (assertion failure) via a very large integer.

Low
CVE-2016-9392
Vendor: Jasper project
Software: Jasper
The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

Low
CVE-2016-9393
Vendor: Jasper project
Software: Jasper
The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

2017-02-23
Low
CVE-2017-6299
Vendor: Ytnef project
Software: Ytnef
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c."

2017-01-30
Low
CVE-2015-8158
Vendor: NTP
Software: NTP
The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.

2017-01-25
Medium
CVE-2017-5596
Vendor: Wireshark
Software: Wireshark
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.

 

 


Copyright 2018, cxsecurity.com

 
