CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (Memory Corruption)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
3551 CVE-2013-1006 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3552 CVE-2013-1005 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3553 CVE-2013-1004 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3554 CVE-2013-1003 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3555 CVE-2013-1002 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3556 CVE-2013-1001 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3557 CVE-2013-1000 119 DoS Exec Code Overflow Mem. Corr. 2013-05-20 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3558 CVE-2013-0999 119 DoS Exec Code Overflow Mem. Corr. 2013-05-20 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3559 CVE-2013-0998 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3560 CVE-2013-0997 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3561 CVE-2013-0996 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3562 CVE-2013-0995 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3563 CVE-2013-0994 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3564 CVE-2013-0993 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3565 CVE-2013-0992 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3566 CVE-2013-0991 399 DoS Exec Code Mem. Corr. 2013-05-20 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
3567 CVE-2013-0987 399 DoS Exec Code Mem. Corr. 2013-05-24 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QTIF file.
3568 CVE-2013-0976 119 DoS Exec Code Overflow Mem. Corr. 2013-03-15 2013-06-05
6.8
None Remote Medium Not required Partial Partial Partial
IOAcceleratorFamily in Apple Mac OS X before 10.8.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted graphics image.
3569 CVE-2013-0968 119 DoS Exec Code Overflow Mem. Corr. 2013-01-29 2013-02-05
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1.
3570 CVE-2013-0961 DoS Exec Code Mem. Corr. 2013-03-15 2013-03-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0960.
3571 CVE-2013-0960 DoS Exec Code Mem. Corr. 2013-03-15 2013-03-18
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0961.
3572 CVE-2013-0959 119 DoS Exec Code Overflow Mem. Corr. 2013-01-29 2013-03-15
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1.
3573 CVE-2013-0958 119 DoS Exec Code Overflow Mem. Corr. 2013-01-29 2013-03-15
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1.
3574 CVE-2013-0956 119 DoS Exec Code Overflow Mem. Corr. 2013-01-29 2013-03-15
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1.
3575 CVE-2013-0955 119 DoS Exec Code Overflow Mem. Corr. 2013-01-29 2013-03-15
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1.
3576 CVE-2013-0954 119 DoS Exec Code Overflow Mem. Corr. 2013-01-29 2013-03-15
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1.
3577 CVE-2013-0953 119 DoS Exec Code Overflow Mem. Corr. 2013-01-29 2013-03-15
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1.
3578 CVE-2013-0952 119 DoS Exec Code Overflow Mem. Corr. 2013-01-29 2013-03-15
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1.
3579 CVE-2013-0951 119 DoS Exec Code Overflow Mem. Corr. 2013-01-29 2013-03-15
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1.
3580 CVE-2013-0950 119 DoS Exec Code Overflow Mem. Corr. 2013-01-29 2013-03-15
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1.
3581 CVE-2013-0949 119 DoS Exec Code Overflow Mem. Corr. 2013-01-29 2013-03-15
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1.
3582 CVE-2013-0948 119 DoS Exec Code Overflow Mem. Corr. 2013-01-29 2013-03-15
6.8
None Remote Medium Not required Partial Partial Partial
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1.
3583 CVE-2013-0923 119 DoS Overflow Mem. Corr. 2013-03-28 2017-09-18
5.0
None Remote Low Not required None None Partial
The USB Apps API in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors.
3584 CVE-2013-0906 119 DoS Overflow Mem. Corr. 2013-03-05 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
The IndexedDB implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
3585 CVE-2013-0904 119 DoS Overflow Mem. Corr. 2013-03-05 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
The Web Audio implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
3586 CVE-2013-0890 119 DoS Overflow Mem. Corr. 2013-02-23 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors.
3587 CVE-2013-0879 119 DoS Overflow Mem. Corr. 2013-02-23 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
3588 CVE-2013-0861 119 Overflow Mem. Corr. 2013-11-23 2016-12-02
5.0
None Remote Low Not required None Partial None
The avcodec_decode_audio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 allows remote attackers to trigger memory corruption via vectors related to the channel layout.
3589 CVE-2013-0843 119 DoS Overflow Mem. Corr. 2013-01-24 2013-01-30
7.5
None Remote Low Not required Partial Partial Partial
content/renderer/media/webrtc_audio_renderer.cc in Google Chrome before 24.0.1312.56 on Mac OS X does not use an appropriate buffer size for the 96 kHz sampling rate, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a web site that provides WebRTC audio.
3590 CVE-2013-0801 DoS Exec Code Mem. Corr. 2013-05-16 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
3591 CVE-2013-0792 200 DoS Mem. Corr. +Info 2013-04-03 2017-09-18
4.3
None Remote Medium Not required Partial None None
Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, do not properly handle color profiles during PNG rendering, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a grayscale PNG image.
3592 CVE-2013-0791 119 DoS Overflow Mem. Corr. 2013-04-03 2017-09-18
5.0
None Remote Low Not required None None Partial
The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate.
3593 CVE-2013-0790 DoS Exec Code Mem. Corr. 2013-04-03 2013-06-04
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows remote attackers to cause a denial of service (stack memory corruption and application crash) or possibly execute arbitrary code via unknown vectors involving a plug-in.
3594 CVE-2013-0789 DoS Exec Code Mem. Corr. 2013-04-03 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and other vectors.
3595 CVE-2013-0788 DoS Exec Code Mem. Corr. 2013-04-03 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
3596 CVE-2013-0784 DoS Exec Code Mem. Corr. 2013-02-19 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
3597 CVE-2013-0783 DoS Exec Code Mem. Corr. 2013-02-19 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
3598 CVE-2013-0781 399 DoS Exec Code Mem. Corr. 2013-02-19 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
3599 CVE-2013-0780 399 DoS Exec Code Overflow Mem. Corr. 2013-02-19 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties.
3600 CVE-2013-0777 399 DoS Exec Code Mem. Corr. 2013-02-19 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
Total number of vulnerabilities : 5273   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 (This Page)73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.