Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.
Max CVSS
9.3
EPSS Score
2.31%
Published
2013-02-13
Updated
2023-02-13
Stack-based buffer overflow in llogincircuit.cc in latd 1.25 through 1.30 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the llogin version.
Max CVSS
10.0
EPSS Score
1.05%
Published
2013-03-19
Updated
2013-03-21
Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
9.3
EPSS Score
2.68%
Published
2013-02-19
Updated
2020-08-06
Buffer overflow in the RFC1413 (ident) client in cfingerd 1.4.3-3 allows remote IDENT servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted response.
Max CVSS
10.0
EPSS Score
0.25%
Published
2013-03-14
Updated
2013-03-19
MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
Max CVSS
5.0
EPSS Score
94.94%
Published
2013-03-28
Updated
2022-08-04
Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.
Max CVSS
6.8
EPSS Score
0.49%
Published
2013-06-15
Updated
2018-10-30
Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption and xend toolstack crash) and possibly gain privileges via a crafted cpumap.
Max CVSS
7.4
EPSS Score
0.05%
Published
2013-08-28
Updated
2016-12-31
The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\0' characters in a string.
Max CVSS
3.3
EPSS Score
0.19%
Published
2013-03-07
Updated
2018-10-30
Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message.
Max CVSS
6.9
EPSS Score
0.06%
Published
2013-06-07
Updated
2023-08-11
The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
5.0
EPSS Score
0.27%
Published
2013-06-05
Updated
2017-09-19
Skia, as used in Google Chrome before 27.0.1453.110, does not properly handle GPU acceleration, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
0.43%
Published
2013-06-05
Updated
2017-09-19
Google Chrome before 27.0.1453.110 does not properly handle SSL sockets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Max CVSS
10.0
EPSS Score
0.74%
Published
2013-06-05
Updated
2017-09-19
Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted JPEG2000 image.
Max CVSS
4.3
EPSS Score
0.62%
Published
2013-07-10
Updated
2017-09-19
Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the handling of text.
Max CVSS
5.0
EPSS Score
0.64%
Published
2013-07-10
Updated
2017-09-19
Google V8, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
1.80%
Published
2013-10-02
Updated
2018-10-30
The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Max CVSS
5.0
EPSS Score
0.69%
Published
2013-05-25
Updated
2018-10-30
epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.
Max CVSS
5.0
EPSS Score
1.18%
Published
2013-05-25
Updated
2018-10-30
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Max CVSS
5.0
EPSS Score
4.72%
Published
2013-05-25
Updated
2018-10-30
Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Max CVSS
5.0
EPSS Score
0.22%
Published
2013-06-09
Updated
2018-10-30
Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c.
Max CVSS
5.0
EPSS Score
0.24%
Published
2013-06-09
Updated
2018-10-30
The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet.
Max CVSS
5.0
EPSS Score
0.27%
Published
2013-06-09
Updated
2018-10-30
The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet.
Max CVSS
5.0
EPSS Score
0.22%
Published
2013-06-09
Updated
2018-10-30
Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted P header in an ABC file, which triggers a heap-based buffer overflow.
Max CVSS
6.8
EPSS Score
13.89%
Published
2013-09-16
Updated
2013-09-25
Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted ABC.
Max CVSS
6.8
EPSS Score
7.11%
Published
2013-09-16
Updated
2016-12-31
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.
Max CVSS
6.8
EPSS Score
3.49%
Published
2013-09-10
Updated
2023-02-13
32 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!