Total
29620 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1164 | 1 Cisco | 7 Asr 1001, Asr 1002, Asr 1002-x and 4 more | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 multicast packets, aka Bug ID CSCtz97563. | |||||
| CVE-2010-3492 | 1 Python | 1 Python | 2025-04-11 | 5.0 MEDIUM | N/A |
| The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections. | |||||
| CVE-2010-4098 | 1 Monotone | 1 Monotone | 2025-04-11 | 5.0 MEDIUM | N/A |
| monotone before 0.48.1, when configured to allow remote commands, allows remote attackers to cause a denial of service (crash) via an empty argument to the mtn command. | |||||
| CVE-2010-3771 | 1 Mozilla | 2 Firefox, Seamonkey | 2025-04-11 | 6.8 MEDIUM | N/A |
| Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a chrome: URI. | |||||
| CVE-2010-0233 | 1 Microsoft | 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-11 | 7.2 HIGH | N/A |
| Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application, aka "Windows Kernel Double Free Vulnerability." | |||||
| CVE-2011-4729 | 3 Microsoft, Parallels, Redhat | 3 Windows, Parallels Plesk Panel, Enterprise Linux | 2025-04-11 | 5.0 MEDIUM | N/A |
| The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, as demonstrated by cookies used by login_up.php3 and certain other files. | |||||
| CVE-2012-0479 | 1 Mozilla | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2025-04-11 | 4.3 MEDIUM | N/A |
| Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to spoof the address bar via an https URL for invalid (1) RSS or (2) Atom XML content. | |||||
| CVE-2010-4108 | 1 Hp | 1 Hp-ux | 2025-04-11 | 6.8 MEDIUM | N/A |
| HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors. | |||||
| CVE-2010-5238 | 1 Cyberlink | 1 Powerdirector | 2025-04-11 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in CyberLink PowerDirector 8.00.3022 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdl, .iso, .pds, .p2g, or .p2i file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5198 | 1 Intuit | 1 Quickbooks | 2025-04-11 | 6.9 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in Intuit QuickBooks 2010 allow local users to gain privileges via a Trojan horse (1) dbicudtx11.dll, (2) mfc90enu.dll, or (3) mfc90loc.dll file in the current working directory, as demonstrated by a directory that contains a .des, .qbo, or .qpg file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-2752 | 1 Vmware | 1 Vma | 2025-04-11 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in VMware vMA 4.x and 5.x before 5.0.0.2 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | |||||
| CVE-2010-1803 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | 4.3 MEDIUM | N/A |
| Time Machine in Apple Mac OS X 10.6.x before 10.6.5 does not verify the unique identifier of its remote AFP volume, which allows remote attackers to obtain sensitive information by spoofing this volume. | |||||
| CVE-2012-3096 | 1 Cisco | 1 Unity Connection | 2025-04-11 | 4.0 MEDIUM | N/A |
| Cisco Unity Connection (UC) 7.1, 8.0, and 8.5 allows remote authenticated users to cause a denial of service (resource consumption and administration outage) via extended use of the product, aka Bug ID CSCtd79132. | |||||
| CVE-2011-5151 | 1 Acdsee | 1 Picture Frame Manager | 2025-04-11 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in ACDSee Picture Frame Manager 1.0 Build 81 allows local users to gain privileges via a Trojan horse ShellIntMgrPFMU.dll file in the current working directory, as demonstrated by a directory that contains a .jpg file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-2328 | 1 Ibm | 1 Websphere Application Server | 2025-04-11 | 5.0 MEDIUM | N/A |
| The HTTP Channel in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service (NullPointerException) via a large amount of chunked data that uses gzip compression. | |||||
| CVE-2012-4754 | 1 Mindjet | 1 Mindmanager 2012 | 2025-04-11 | 6.3 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in MindManager 2012 10.0.493 allow local users to gain privileges via a Trojan horse (1) ssgp.dll or (2) dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mmap file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5259 | 1 Isobuster | 1 Isobuster | 2025-04-11 | 6.9 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in IsoBuster 2.8 allow local users to gain privileges via a Trojan horse (1) wnaspi32.dll or (2) ntaspi32.dll file in the current working directory, as demonstrated by a directory that contains a .img file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-5264 | 1 Prof-uis | 1 Prof-uis | 2025-04-11 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in the CExtDWM::CExtDWM method in ProfUIS290m.dll and ProfUIS290m-RDE.dll in Prof-UIS before 2.9.1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-3565 | 1 Opera | 1 Opera Browser | 2025-04-11 | 5.0 MEDIUM | N/A |
| Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted characters in domain names, as demonstrated by "IDNA2008 tests." | |||||
| CVE-2011-3109 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2025-04-11 | 7.5 HIGH | N/A |
| Google Chrome before 19.0.1084.52 on Linux does not properly perform a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact by leveraging an error in the GTK implementation of the UI. | |||||