Search Results (2919 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-2927 2 Atlassian, Tm Software 4 Jira, Tempo, Tempo6.3.0 and 1 more 2025-04-11 N/A
The TM Software Tempo plugin before 6.4.3.1, 6.5.x before 6.5.0.2, and 7.x before 7.0.3 for Atlassian JIRA does not properly restrict the capabilities of third-party XML parsers, which allows remote authenticated users to cause a denial of service (resource consumption) via unspecified vectors.
CVE-2012-2948 2 Asterisk, Sangoma 3 Certified Asterisk, Open Source, Asterisk 2025-04-11 N/A
chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode.
CVE-2012-2970 1 Synel 1 Sy-780\/a Time \& Attendance Terminal 2025-04-11 N/A
The Synel SY-780/A Time & Attendance terminal allows remote attackers to cause a denial of service (device hang) via network traffic to port (1) 1641, (2) 3734, or (3) 3735.
CVE-2012-3060 1 Cisco 1 Unity Connection 2025-04-11 N/A
Cisco Unity Connection (UC) 8.6, 9.0, and 9.5 allows remote attackers to cause a denial of service (CPU consumption) via malformed UDP packets, aka Bug ID CSCtz76269.
CVE-2012-3079 1 Cisco 1 Ios 2025-04-11 N/A
Cisco IOS 12.2 allows remote attackers to cause a denial of service (CPU consumption) by establishing many IPv6 neighbors, aka Bug ID CSCtn78957.
CVE-2012-3300 1 Ibm 1 Websphere Commerce 2025-04-11 N/A
IBM WebSphere Commerce 7.0 before 7.0.0.6, when persistent sessions and personalization IDs are enabled, allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors.
CVE-2012-3420 1 Sgi 1 Performance Co-pilot 2025-04-11 N/A
Multiple memory leaks in Performance Co-Pilot (PCP) before 3.6.5 allow remote attackers to cause a denial of service (memory consumption or daemon crash) via a large number of PDUs with (1) a crafted context number to the DoFetch function in pmcd/src/dofetch.c or (2) a negative type value to the __pmGetPDU function in libpcp/src/pdu.c.
CVE-2012-3433 1 Xen 1 Xen 2025-04-11 N/A
Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of service (domain 0 VCPU hang and kernel panic) by modifying the physical address space in a way that triggers excessive shared page search time during the p2m teardown.
CVE-2012-3445 1 Redhat 2 Enterprise Linux, Libvirt 2025-04-11 N/A
The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams set to zero, which triggers an out-of-bounds read or a free of an invalid pointer.
CVE-2012-3510 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-11 N/A
Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command.
CVE-2012-3517 1 Tor 1 Tor 2025-04-11 N/A
Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests.
CVE-2012-3722 1 Apple 3 Iphone Os, Mac Os X, Mac Os X Server 2025-04-11 N/A
The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding.
CVE-2012-3726 1 Apple 1 Iphone Os 2025-04-11 N/A
Double free vulnerability in ImageIO in Apple iOS before 6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.
CVE-2012-3747 1 Apple 1 Iphone Os 2025-04-11 N/A
WebKit, as used in Apple iOS before 6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2012-3751 1 Apple 1 Quicktime 2025-04-11 N/A
Use-after-free vulnerability in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with a crafted _qtactivex_ parameter in an OBJECT element.
CVE-2012-3754 1 Apple 1 Quicktime 2025-04-11 N/A
Use-after-free vulnerability in the Clear method in the ActiveX control in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
CVE-2012-3812 1 Digium 3 Asterisk, Asteriske, Certified Asterisk 2025-04-11 N/A
Double free vulnerability in apps/app_voicemail.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones allows remote authenticated users to cause a denial of service (daemon crash) by establishing multiple voicemail sessions and accessing both the Urgent mailbox and the INBOX mailbox.
CVE-2012-3847 1 Invensys 2 Intouch, Wonderware Application Server 2025-04-11 N/A
slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 and Wonderware Application Server 2012 allows remote attackers to cause a denial of service (resource consumption) via a long Unicode string, a different vulnerability than CVE-2012-3007.
CVE-2012-3863 1 Digium 4 Asterisk, Asterisk Business Edition, Asteriske and 1 more 2025-04-11 N/A
channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Asterisk Business Edition C.3.x before C.3.7.5, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones does not properly handle a provisional response to a SIP reINVITE request, which allows remote authenticated users to cause a denial of service (RTP port exhaustion) via sessions that lack final responses.
CVE-2012-3899 1 Cisco 6 Intrusion Prevention System, Ips 4240, Ips 4250 Sx and 3 more 2025-04-11 N/A
sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and process crash, and traffic-inspection outage) via network traffic, aka Bug ID CSCtn23051.