Total
11506 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-2295 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
| page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not properly handle a change of the focused frame during the dispatching of keydown, which allows user-assisted remote attackers to redirect keystrokes via a crafted HTML document, aka rdar problem 7018610. NOTE: this might overlap CVE-2010-1422. | |||||
| CVE-2010-4388 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2025-04-11 | 4.3 MEDIUM | N/A |
| The (1) Upsell.htm, (2) Main.html, and (3) Custsupport.html components in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 and 2.1.3 allow remote attackers to inject code into the RealOneActiveXObject process, and consequently bypass intended Local Machine Zone restrictions and load arbitrary ActiveX controls, via unspecified vectors. | |||||
| CVE-2007-6739 | 1 G.rodola | 1 Pyftpdlib | 2025-04-11 | 5.0 MEDIUM | N/A |
| FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to cause a denial of service via a long command. | |||||
| CVE-2013-5560 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-11 | 5.4 MEDIUM | N/A |
| The IPv6 implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1.3 and earlier, when NAT64 or NAT66 is enabled, does not properly process NAT rules, which allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCue34342. | |||||
| CVE-2013-0670 | 1 Siemens | 1 Wincc Tia Portal | 2025-04-11 | 4.3 MEDIUM | N/A |
| CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. | |||||
| CVE-2013-0846 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 9.3 HIGH | N/A |
| Array index error in the qdm2_decode_super_block function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted QDM2 data, which triggers an out-of-bounds array access. | |||||
| CVE-2013-0221 | 2 Opensuse, Redhat | 2 Opensuse, Enterprise Linux | 2025-04-11 | 4.3 MEDIUM | N/A |
| The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the alloca function. | |||||
| CVE-2010-2079 | 1 Magnoware | 1 Datatrack System | 2025-04-11 | 5.0 MEDIUM | N/A |
| DataTrack System 3.5 allows remote attackers to bypass intended restrictions on file extensions, and read arbitrary files, via a trailing backslash in a URI, as demonstrated by (1) web.config\ and (2) .ascx\ files. | |||||
| CVE-2012-0960 | 1 Ps Project Management Team | 1 Unity-firefox-extension | 2025-04-11 | 7.5 HIGH | N/A |
| Unity integration extension (unity-firefox-extension) before 2.4.1 for Firefox does not properly handle callbacks, which allows remote attackers to cause a denial of service (Firefox crash) and possibly execute arbitrary code via a crafted request. | |||||
| CVE-2012-4076 | 1 Cisco | 1 Nx-os | 2025-04-11 | 6.8 MEDIUM | N/A |
| Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in a command that calls the system library function, aka Bug IDs CSCtf23559 and CSCtf27780. | |||||
| CVE-2010-3960 | 1 Microsoft | 1 Windows Server 2008 | 2025-04-11 | 4.9 MEDIUM | N/A |
| Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows guest OS users to cause a denial of service (host OS hang) by sending a crafted encapsulated packet over the VMBus, aka "Hyper-V VMBus Vulnerability." | |||||
| CVE-2011-1678 | 1 Samba | 1 Samba | 2025-04-11 | 3.3 LOW | N/A |
| smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. | |||||
| CVE-2010-1379 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | 5.0 MEDIUM | N/A |
| Printer Setup in Apple Mac OS X 10.6 before 10.6.4 does not properly interpret character encoding, which allows remote attackers to cause a denial of service (printing failure) by deploying a printing device that has a Unicode character in its printing-service name. | |||||
| CVE-2010-2566 | 1 Microsoft | 3 Windows 2003 Server, Windows Server 2003, Windows Xp | 2025-04-11 | 9.3 HIGH | N/A |
| The Secure Channel (aka SChannel) security package in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, does not properly validate certificate request messages from TLS and SSL servers, which allows remote servers to execute arbitrary code via a crafted SSL response, aka "SChannel Malformed Certificate Request Remote Code Execution Vulnerability." | |||||
| CVE-2012-4489 | 2 Drupal, Mark Burdett | 2 Drupal, Securelogin | 2025-04-11 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in the securelogin_secure_redirect function in the Secure Login module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter. | |||||
| CVE-2011-1159 | 1 Tedfelix | 1 Acpid | 2025-04-11 | 2.1 LOW | N/A |
| acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that performs a connect system call but no read system calls. | |||||
| CVE-2010-4553 | 1 Ibm | 1 Lotus Notes Traveler | 2025-04-11 | 5.0 MEDIUM | N/A |
| An unspecified Domino API in IBM Lotus Notes Traveler before 8.5.1.1 does not properly handle MIME types, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | |||||
| CVE-2013-0873 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 10.0 HIGH | N/A |
| The read_header function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid channel count, related to "freeing invalid addresses." | |||||
| CVE-2012-2318 | 1 Pidgin | 1 Pidgin | 2025-04-11 | 5.0 MEDIUM | N/A |
| msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service (application crash) by placing these characters in a text/plain message. | |||||
| CVE-2010-2993 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 5.0 MEDIUM | N/A |
| The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | |||||