Total
2703 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0096 | 1 Microsoft | 1 Visio | 2024-08-07 | N/A |
| Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly perform memory copy operations for object data, which allows remote attackers to execute arbitrary code via a crafted Visio document, aka "Memory Corruption Vulnerability." | ||||
| CVE-2009-0100 | 1 Microsoft | 4 Office, Office Compatibility Pack For Word Excel Ppt 2007, Office Excel and 1 more | 2024-08-07 | N/A |
| Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel in Microsoft Office 2004 and 2008 for Mac; Microsoft Office Excel Viewer and Excel Viewer 2003 SP3; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 do not properly parse the Excel spreadsheet file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet that contains a malformed object with "an offset and a two-byte value" that trigger a memory calculation error, aka "Memory Corruption Vulnerability." | ||||
| CVE-2009-0140 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
| Unspecified vulnerability in the SMB component in Apple Mac OS X 10.4.11 and 10.5.6 allows remote SMB servers to cause a denial of service (memory exhaustion and system shutdown) via a crafted file system name. | ||||
| CVE-2009-0075 | 1 Microsoft | 5 Internet Explorer, Windows Server 2003, Windows Server 2008 and 2 more | 2024-08-07 | N/A |
| Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulnerability." | ||||
| CVE-2009-0076 | 1 Microsoft | 5 Internet Explorer, Windows Server 2003, Windows Server 2008 and 2 more | 2024-08-07 | N/A |
| Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, aka "CSS Memory Corruption Vulnerability." | ||||
| CVE-2009-0069 | 1 Sun | 2 Opensolaris, Solaris | 2024-08-07 | N/A |
| Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors. | ||||
| CVE-2009-0071 | 1 Mozilla | 1 Firefox | 2024-08-07 | N/A |
| Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a certain (a) replaceChild or (b) removeChild call, followed by a (1) queryCommandValue, (2) queryCommandState, or (3) queryCommandIndeterm call. NOTE: it was later reported that 3.0.6 and 3.0.7 are also affected. | ||||
| CVE-2009-0020 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
| Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted resource fork that triggers memory corruption. | ||||
| CVE-2010-5329 | 1 Linux | 1 Linux Kernel | 2024-08-07 | N/A |
| The video_usercopy function in drivers/media/video/v4l2-ioctl.c in the Linux kernel before 2.6.39 relies on the count value of a v4l2_ext_controls data structure to determine a kmalloc size, which might allow local users to cause a denial of service (memory consumption) via a large value. | ||||
| CVE-2009-0031 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2024-08-07 | N/A |
| Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree." | ||||
| CVE-2009-0005 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2024-08-07 | N/A |
| Unspecified vulnerability in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted H.263 encoded movie file that triggers memory corruption. | ||||
| CVE-2010-4756 | 1 Gnu | 1 Glibc | 2024-08-07 | N/A |
| The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. | ||||
| CVE-2010-4754 | 4 Apple, Freebsd, Netbsd and 1 more | 4 Mac Os X, Freebsd, Netbsd and 1 more | 2024-08-07 | N/A |
| The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem in Apple Mac OS X before 10.6.8, allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. | ||||
| CVE-2010-4755 | 3 Freebsd, Netbsd, Openbsd | 4 Freebsd, Netbsd, Openbsd and 1 more | 2024-08-07 | N/A |
| The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632. | ||||
| CVE-2010-4707 | 2 Linux-pam, Redhat | 2 Linux-pam, Enterprise Linux | 2024-08-07 | N/A |
| The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file. | ||||
| CVE-2010-4697 | 1 Php | 1 Php | 2024-08-07 | N/A |
| Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset, and __unset methods on objects accessed by a reference. | ||||
| CVE-2010-4682 | 1 Cisco | 3 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 | 2024-08-07 | N/A |
| Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to cause a denial of service (memory consumption) by making multiple incorrect LDAP authentication attempts, aka Bug ID CSCtf29867. | ||||
| CVE-2010-4670 | 1 Cisco | 4 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 1 more | 2024-08-07 | N/A |
| The Neighbor Discovery (ND) protocol implementation in the IPv6 stack on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier, and Cisco PIX Security Appliances devices, allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti24526. | ||||
| CVE-2010-4672 | 1 Cisco | 3 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 | 2024-08-07 | N/A |
| Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier allow remote attackers to cause a denial of service (block exhaustion) via EIGRP traffic that triggers an EIGRP multicast storm, aka Bug ID CSCtf20269. | ||||
| CVE-2010-4676 | 1 Cisco | 3 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 | 2024-08-07 | N/A |
| Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote authenticated users to cause a denial of service (device crash) via a high volume of IPsec traffic, aka Bug ID CSCsx52748. | ||||