CVEs from 2013
Total
5,687
critical
critical 917
high
high 949
medium
medium 3,166
low
low 557
% Critical
16.1%
% with KEV
0.7%
% with exploit
11.6%
Top vendors
Top products
- chrome 11,665
- ffmpeg 3,379
- seamonkey 2,231
- acrobat_reader 1,911
- acrobat 1,909
- itunes 1,678
- firefox 1,634
- moodle 1,560
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-0610 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vu… | |||
| CVE-2013-0609 | critical | — | 10.0 | 14y ago | Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability… | |||
| CVE-2013-0608 | critical | — | 10.0 | 14y ago | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulner… | |||
| CVE-2013-0607 | critical | — | 10.0 | 14y ago | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulner… | |||
| CVE-2013-0606 | critical | — | 10.0 | 14y ago | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability … | |||
| CVE-2013-0605 | critical | — | 10.0 | 14y ago | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vector… | |||
| CVE-2013-0604 | critical | — | 10.0 | 14y ago | Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vul… | |||
| CVE-2013-0603 | critical | — | 10.0 | 14y ago | Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vul… | |||
| CVE-2013-0602 | critical | — | 10.0 | 14y ago | Use-after-free vulnerability in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2013-0601 | critical | — | 10.0 | 14y ago | Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vector… | |||
| CVE-2013-0011 | critical | — | 10.0 | 14y ago | The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a cr… | |||
| CVE-2013-4366 | critical | 9.8 | 9.8 | 9y ago | Hostname verification in Apache HttpClient 4.3 was disabled by default | |||
| CVE-2013-7429 | critical | 9.8 | 9.8 | 9y ago | The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to conduct XML injection attacks via the url parameter to plugin_googlemap2_proxy.php. | |||
| CVE-2013-7426 | critical | 9.8 | 9.8 | 9y ago | Insecure Temporary file vulnerability in /tmp/kamailio_fifo in kamailio 4.0.1. | |||
| CVE-2013-0870 | critical | 9.8 | 9.8 | 9y ago | The 'vp3_decode_frame' function in FFmpeg 1.1.4 moves threads check out of header packet type check. | |||
| CVE-2013-6647 | critical | 9.8 | 9.8 | 9y ago | A use-after-free in AnimationController::endAnimationUpdate in Google Chrome. | |||
| CVE-2013-7459 | critical | 9.8 | 9.8 | 9y ago | Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv p… | |||
| CVE-2013-1430 | critical | 9.8 | 9.8 | 10y ago | An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the u… | |||
| CVE-2013-7455 | critical | 9.8 | 9.8 | 10y ago | Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that t… | |||
| CVE-2013-5017 | critical | 9.8 | 9.8 | 12y ago | SNMPConfig.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote attackers to execute arbitrary commands via unspecified vectors. | |||
| CVE-2013-6671 | critical | 9.8 | 9.8 | 13y ago | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary… | |||
| CVE-2013-5618 | critical | 9.8 | 9.8 | 13y ago | Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunder… | |||
| CVE-2013-5616 | critical | 9.8 | 9.8 | 13y ago | Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.2… | |||
| CVE-2013-5615 | critical | 9.8 | 9.8 | 13y ago | The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions o… | |||
| CVE-2013-5613 | critical | 9.8 | 9.8 | 13y ago | Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows … | |||
| CVE-2013-5609 | critical | 9.8 | 9.8 | 13y ago | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to c… | |||
| CVE-2013-1591 | critical | 9.8 | 9.8 | 14y ago | Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resulta… | |||
| CVE-2013-6207 | critical | — | 9.4 | 12y ago | Unspecified vulnerability in the loadFileContents function in the SOAP implementation in HP SiteScope 10.1x, 11.1x, and 11.21 allows remote attackers to read arbitrary files or cause a denial of serv… | |||
| CVE-2013-3658 | critical | — | 9.4 | 13y ago | Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors. | |||
| CVE-2013-2352 | critical | — | 9.4 | 13y ago | LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mechanism for disabling the HP Support challenge-response root-login feature, which makes it easier for… | |||
| CVE-2013-0673 | critical | — | 9.4 | 13y ago | Directory traversal vulnerability in the web interface in the Health Monitor service in MatrikonOPC A&E Historian 1.0.0.0 allows remote attackers to read and delete arbitrary files via a crafted URL. | |||
| CVE-2013-2100 | critical | — | 9.3 | 12y ago | Gentoo Portage does not verify X.509 certificates from SSL servers | |||
| CVE-2013-6771 | critical | — | 9.3 | 12y ago | Directory traversal vulnerability in the collect script in Splunk before 5.0.5 allows remote attackers to execute arbitrary commands via a .. (dot dot) in the file parameter. NOTE: this issue was SP… | |||
| CVE-2013-7388 | critical | — | 9.3 | 12y ago | Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689), allows remote attackers to execute arbitrary code via a crafted RLE4-compressed… | |||
| CVE-2013-3664 | critical | — | 9.3 | 12y ago | Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689) allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers an out-of… | |||
| CVE-2013-3662 | critical | — | 9.3 | 12y ago | Timbre SketchUp (formerly Google SketchUp) before 8 Maintenance 2 allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers a stack-bas… | |||
| CVE-2013-3663 | critical | — | 9.3 | 12y ago | Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 8 Maintenance 3, allows remote attackers to execute arbitrary code via a crafted RLE8 compressed … | |||
| CVE-2013-2602 | critical | — | 9.3 | 12y ago | Multiple array index errors in the MyHeritage SEQueryObject ActiveX control (SearchEngineQuery.dll) 1.0.2.0 allow remote attackers to execute arbitrary code via the (1) seTokensArray, or (2) seTokens… | |||
| CVE-2013-0733 | critical | — | 9.3 | 12y ago | Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 16.0.0.113, 15.2.0.2, and earlier allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan hors… | |||
| CVE-2013-2298 | critical | — | 9.3 | 12y ago | Multiple stack-based buffer overflows in the XML parser in BOINC 7.x allow attackers to have unspecified impact via a crafted XML file, related to the scheduler. | |||
| CVE-2013-2019 | critical | — | 9.3 | 12y ago | Stack-based buffer overflow in BOINC 6.10.58 and 6.12.34 allows remote attackers to have unspecified impact via multiple file_signature elements. | |||
| CVE-2013-4772 | critical | — | 9.3 | 12y ago | D-Link DIR-505L SharePort Mobile Companion 1.01 and DIR-826L Wireless N600 Cloud Router 1.02 allows remote attackers to bypass authentication via a direct request when an authorized session is active. | |||
| CVE-2013-3930 | critical | — | 9.3 | 12y ago | Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows remote FTP servers to execute arbitrary code via a crafted directory name in a CWD command reply. | |||
| CVE-2013-0729 | critical | — | 9.3 | 12y ago | Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to execute arbitrary code via a crafted Define Huffman Table header in a JPEG image file stream in a … | |||
| CVE-2013-5365 | critical | — | 9.3 | 12y ago | Heap-based buffer overflow in Autodesk SketchBook for Enterprise 2014, Pro, and Express before 6.25, and Copic Edition before 2.0.2 allows remote attackers to execute arbitrary code via RLE-compresse… | |||
| CVE-2013-3481 | critical | — | 9.3 | 12y ago | Stack-based buffer overflow in Artweaver Plus and Free before 3.1.5 allows remote attackers to execute arbitrary code via a crafted JPG image file. | |||
| CVE-2013-0732 | critical | — | 9.3 | 12y ago | Heap-based buffer overflow in PDFCore8.dll in Nuance PDF Reader before 8.1 allows remote attackers to execute arbitrary code via crafted font table directory values in a TTF file, related to naming t… | |||
| CVE-2013-3249 | critical | — | 9.3 | 12y ago | Stack-based buffer overflow in the "Add from text file" feature in the DameWare Exporter tool (DWExporter.exe) in DameWare Remote Support 10.0.0.372, 9.0.1.247, and earlier allows user-assisted attac… | |||
| CVE-2013-3938 | critical | — | 9.3 | 12y ago | Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buf… | |||
| CVE-2013-6949 | critical | — | 9.3 | 13y ago | The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN protocols, which allows remote attackers to hijack connections and possibly have unspecified other impact … | |||
| CVE-2013-4737 | critical | — | 9.3 | 13y ago | The CONFIG_STRICT_MEMORY_RWX implementation for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly consider… | |||
| CVE-2013-6486 | critical | — | 9.3 | 13y ago | gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted remote attackers to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction o… | |||
| CVE-2013-2691 | critical | — | 9.3 | 13y ago | Stack-based buffer overflow in the JetMPG.ax module in jetAudio 8.0.17 allows remote attackers to execute arbitrary code via a crafted MPEG2-TS video file, related to the MPEG2 transport stream. | |||
| CVE-2013-6724 | critical | — | 9.3 | 13y ago | Unspecified vulnerability in the vsflex8l ActiveX control in IBM SPSS SamplePower 3.0.1 before FP1 IF1 allows remote attackers to execute arbitrary code via a crafted ComboList property value. | |||
| CVE-2013-4979 | critical | — | 9.3 | 13y ago | Buffer overflow in the gldll32.dll module in EPS Viewer 3.2 and earlier allows remote attackers to execute arbitrary code via a crafted EPS file. | |||
| CVE-2013-1361 | critical | — | 9.3 | 13y ago | Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software 6.4.0.2900 and earlier allows local users, and possibly remote attackers, to execute arbitrary code a… | |||
| CVE-2013-3483 | critical | — | 9.3 | 13y ago | Stack-based buffer overflow in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a… | |||
| CVE-2013-5889 | critical | — | 9.3 | 13y ago | Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnera… | |||
| CVE-2013-2819 | critical | — | 9.3 | 13y ago | The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to install Trojan horse firmware by leveraging cleartext credentials in a crafted (1) upd… | |||
| CVE-2013-5893 | critical | — | 9.3 | 13y ago | Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related t… | |||
| CVE-2013-6462 | critical | — | 9.3 | 13y ago | Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service (crash) or possibly execute … | |||
| CVE-2013-7283 | critical | — | 9.3 | 13y ago | Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecified impact and attack vectors, involving the /var/tmp/libreswan-nss-pwd… | |||
| CVE-2013-6795 | critical | — | 9.3 | 13y ago | The Updater in Rackspace Openstack Windows Guest Agent for XenServer before 1.2.6.0 allows remote attackers to execute arbitrary code via a crafted serialized .NET object to TCP port 1984, which trig… | |||
| CVE-2013-6439 | critical | — | 9.3 | 13y ago | Candlepin in Red Hat Subscription Asset Manager 1.0 through 1.3 uses a weak authentication scheme when the configuration file does not specify a scheme, which has unspecified impact and attack vector… | |||
| CVE-2013-3140 | critical | — | 9.3 | 13y ago | Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted CMarkup object, aka "Internet … | |||
| CVE-2013-5332 | critical | — | 9.3 | 13y ago | Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380… | |||
| CVE-2013-5056 | critical | — | 9.3 | 13y ago | Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1… | |||
| CVE-2013-5052 | critical | — | 9.3 | 13y ago | Microsoft Internet Explorer 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulne… | |||
| CVE-2013-5051 | critical | — | 9.3 | 13y ago | Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corrupti… | |||
| CVE-2013-5049 | critical | — | 9.3 | 13y ago | Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corrup… | |||
| CVE-2013-5048 | critical | — | 9.3 | 13y ago | Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru… | |||
| CVE-2013-5047 | critical | — | 9.3 | 13y ago | Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru… | |||
| CVE-2013-0859 | critical | — | 9.3 | 13y ago | The add_doubles_metadata function in libavcodec/tiff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a negative or zero count value in a TIFF image, which triggers an… | |||
| CVE-2013-0858 | critical | — | 9.3 | 13y ago | The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via ATRAC3 data with the joint stereo coding mode set and fewer tha… | |||
| CVE-2013-0857 | critical | — | 9.3 | 13y ago | The decode_frame_ilbm function in libavcodec/iff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted height value in IFF PBM/ILBM bitmap data. | |||
| CVE-2013-0856 | critical | — | 9.3 | 13y ago | The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec (ALAC) data, related to a large nb_s… | |||
| CVE-2013-0855 | critical | — | 9.3 | 13y ago | Integer overflow in the alac_decode_close function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Los… | |||
| CVE-2013-0854 | critical | — | 9.3 | 13y ago | The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted MJPEG data. | |||
| CVE-2013-0853 | critical | — | 9.3 | 13y ago | The wavpack_decode_frame function in libavcodec/wavpack.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted WavPack data, which triggers an out-of-bounds array ac… | |||
| CVE-2013-0852 | critical | — | 9.3 | 13y ago | The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array acc… | |||
| CVE-2013-0851 | critical | — | 9.3 | 13y ago | The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-boun… | |||
| CVE-2013-0850 | critical | — | 9.3 | 13y ago | The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted H.264 data, which triggers an out-of-bounds array access. | |||
| CVE-2013-0849 | critical | — | 9.3 | 13y ago | The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted (1) width or (2) height dimension that is not a multi… | |||
| CVE-2013-0848 | critical | — | 9.3 | 13y ago | The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted width in huffyuv data with the predictor set to median and th… | |||
| CVE-2013-0847 | critical | — | 9.3 | 13y ago | The ff_id3v2_parse function in libavformat/id3v2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via ID3v2 header data, which triggers an out-of-bounds array access. | |||
| CVE-2013-0846 | critical | — | 9.3 | 13y ago | Array index error in the qdm2_decode_super_block function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted QDM2 data, which triggers an out-… | |||
| CVE-2013-0845 | critical | — | 9.3 | 13y ago | libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via a crafted block length, which triggers an out-of-bounds write. | |||
| CVE-2013-0844 | critical | — | 9.3 | 13y ago | Off-by-one error in the adpcm_decode_frame function in libavcodec/adpcm.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via crafted DK4 data, which triggers an out-of-b… | |||
| CVE-2013-5458 | critical | — | 9.3 | 13y ago | Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows remote attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2013-5457 | critical | — | 9.3 | 13y ago | Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2013-5456 | critical | — | 9.3 | 13y ago | The com.ibm.rmi.io.SunSerializableFactory class in IBM Java SDK 7.0.0 before SR6 allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code via vectors related to des… | |||
| CVE-2013-0869 | critical | — | 9.3 | 13y ago | The field_end function in libavcodec/h264.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted H.264 data, related to an SPS and slice mismatch and an out-of-bou… | |||
| CVE-2013-0868 | critical | — | 9.3 | 13y ago | libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted Huffyuv data, related to an out-of-bounds write and (1) unchecked return codes from th… | |||
| CVE-2013-0867 | critical | — | 9.3 | 13y ago | The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1.2 does not properly check when the pixel format changes, which allows remote attackers to have unspecified impact via crafte… | |||
| CVE-2013-0866 | critical | — | 9.3 | 13y ago | The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large number of channels in an AAC file, … | |||
| CVE-2013-0865 | critical | — | 9.3 | 13y ago | The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large (1) cbp0 or (2) cbpz chunk in We… | |||
| CVE-2013-0863 | critical | — | 9.3 | 13y ago | Buffer overflow in the rle_decode function in libavcodec/sanm.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via crafted LucasArts Smush video d… | |||
| CVE-2013-0862 | critical | — | 9.3 | 13y ago | Multiple integer overflows in the process_frame_obj function in libavcodec/sanm.c in FFmpeg before 1.1.2 allow remote attackers to have an unspecified impact via crafted image dimensions in LucasArts… | |||
| CVE-2013-0878 | critical | — | 9.3 | 13y ago | The advance_line function in libavcodec/targa.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via crafted Targa image data, related to an out-of-bounds array access. | |||
| CVE-2013-0877 | critical | — | 9.3 | 13y ago | The old_codec37 function in libavcodec/sanm.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via crafted LucasArts Smush data that has a large size when decoded, related… |