Max CVSS 7.6 Min CVSS 1.9 Total Count31
IDCVSSSummaryLast (major) updatePublished
CVE-2012-4527 6.8
Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name. NOTE: it is not clear whether this is a vulnerability.
07-12-2016 - 22:02 21-11-2012 - 18:55
CVE-2012-3400 7.6
Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesyst
07-12-2016 - 22:02 03-10-2012 - 07:02
CVE-2012-5128 7.5
Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, does not properly perform write operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
28-09-2016 - 10:51 07-11-2012 - 06:43
CVE-2012-5116 7.5
Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG filters.
28-09-2016 - 10:51 07-11-2012 - 06:43
CVE-2012-5125 7.5
Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of extension tabs.
28-09-2016 - 10:50 07-11-2012 - 06:43
CVE-2012-5119 6.8
Race condition in Pepper, as used in Google Chrome before 23.0.1271.64, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to buffers.
28-09-2016 - 10:50 07-11-2012 - 06:43
CVE-2012-5124 7.5
Google Chrome before 23.0.1271.64 does not properly handle textures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
28-09-2016 - 10:49 07-11-2012 - 06:43
CVE-2012-5117 7.5
Google Chrome before 23.0.1271.64 does not properly restrict the loading of an SVG subresource in the context of an IMG element, which has unspecified impact and remote attack vectors.
28-09-2016 - 10:49 07-11-2012 - 06:43
CVE-2012-5126 7.5
Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of plug-in placeholders.
28-09-2016 - 10:47 07-11-2012 - 06:43
CVE-2012-5122 7.5
Google Chrome before 23.0.1271.64 does not properly perform a cast of an unspecified variable during handling of input, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
28-09-2016 - 10:47 07-11-2012 - 06:43
CVE-2012-5121 7.5
Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video layout.
28-09-2016 - 10:44 07-11-2012 - 06:43
CVE-2012-5127 7.5
Integer overflow in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted WebP image.
28-09-2016 - 10:41 07-11-2012 - 06:43
CVE-2012-5123 5.0
Skia, as used in Google Chrome before 23.0.1271.64, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
28-09-2016 - 10:00 07-11-2012 - 06:43
CVE-2012-4540 6.8
Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of s
31-05-2016 - 11:11 11-11-2012 - 08:00
CVE-2012-4508 1.9
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized.
07-01-2014 - 23:32 21-12-2012 - 06:47
CVE-2012-3511 6.2
Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.
23-10-2013 - 23:40 03-10-2012 - 23:28
CVE-2012-4565 4.7
The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) by read
21-08-2013 - 23:58 21-12-2012 - 06:47
CVE-2012-6579 6.4
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to configure encryption or signing for certain outbound e-mail, and possibly cause a denial of service (loss of e-mail readability)
26-07-2013 - 00:00 24-07-2013 - 08:01
CVE-2012-6578 4.3
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled with a "Sign by default" queue configuration, uses a queue's key for signing, which might allow remote attackers to spoof messages by leveraging the lack of
24-07-2013 - 00:00 24-07-2013 - 08:01
CVE-2012-6580 4.3
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message's ori
24-07-2013 - 00:00 24-07-2013 - 08:01
CVE-2012-6581 4.3
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and trigger outbound e-mail messages signed by an arbitra
24-07-2013 - 00:00 24-07-2013 - 08:01
CVE-2012-5120 7.5
Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-boun
25-06-2013 - 23:15 07-11-2012 - 06:43
CVE-2012-5118 7.5
Google Chrome before 23.0.1271.64 on Mac OS X does not properly validate an integer value during the handling of GPU command buffers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vec
25-06-2013 - 23:14 07-11-2012 - 06:43
CVE-2012-4734 5.0
Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to conduct a "confused deputy" attack to bypass the CSRF warning protection mechanism and cause victims to "modify arbitrary state" via unknown vectors related to
01-03-2013 - 23:46 11-11-2012 - 08:00
CVE-2012-4732 6.8
Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT) 3.8.12 and other versions before 3.8.15, and 4.0.6 and other versions before 4.0.8, allows remote attackers to hijack the authentication of users for requests that toggle ticket
01-03-2013 - 23:46 11-11-2012 - 08:00
CVE-2012-1568 1.9
The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for contex
01-03-2013 - 10:47 01-03-2013 - 00:40
CVE-2012-4507 5.0
The strchr function in procmime.c in Claws Mail (aka claws-mail) 3.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted email.
01-03-2013 - 00:00 22-10-2012 - 19:55
CVE-2012-4884 5.0
Argument injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to create arbitrary files via unspecified vectors related to the GnuPG client.
15-11-2012 - 00:00 11-11-2012 - 08:00
CVE-2012-4730 3.5
Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attacks or obtain sensitive information via unknown vecto
12-11-2012 - 00:00 11-11-2012 - 08:00
CVE-2012-2133 4.0
Use-after-free vulnerability in the Linux kernel before 3.3.6, when huge pages are enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges by interacting with a hugetlbfs filesystem, as demonstrated by a um
13-08-2012 - 23:37 03-07-2012 - 12:40
CVE-2012-3449 3.6
Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files.
08-08-2012 - 00:00 07-08-2012 - 16:55
Back to Top Mark selected
Back to Top