Export limit exceeded: 23313 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23313 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-2130 | 7 Adobe, Apple, Google and 4 more | 8 Adobe Air, Flash Player, Mac Os X and 5 more | 2025-04-11 | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2134, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415. | ||||
| CVE-2010-1452 | 2 Apache, Redhat | 3 Http Server, Enterprise Linux, Jboss Enterprise Web Server | 2025-04-11 | N/A |
| The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path. | ||||
| CVE-2010-0926 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-11 | N/A |
| The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options. | ||||
| CVE-2010-0407 | 2 Muscle, Redhat | 3 Pcsc-lite, Certificate System, Enterprise Linux | 2025-04-11 | N/A |
| Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled. | ||||
| CVE-2010-0212 | 2 Openldap, Redhat | 2 Openldap, Enterprise Linux | 2025-04-11 | N/A |
| OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite. | ||||
| CVE-2010-0205 | 8 Apple, Canonical, Debian and 5 more | 8 Mac Os X, Ubuntu Linux, Debian Linux and 5 more | 2025-04-11 | N/A |
| The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack. | ||||
| CVE-2011-2748 | 4 Canonical, Debian, Isc and 1 more | 4 Ubuntu Linux, Debian Linux, Dhcp and 1 more | 2025-04-11 | N/A |
| The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet. | ||||
| CVE-2011-2752 | 2 Redhat, Squirrelmail | 2 Enterprise Linux, Squirrelmail | 2025-04-11 | N/A |
| CRLF injection vulnerability in SquirrelMail 1.4.21 and earlier allows remote attackers to modify or add preference values via a \n (newline) character, a different vulnerability than CVE-2010-4555. | ||||
| CVE-2011-2427 | 7 Adobe, Apple, Google and 4 more | 7 Flash Player, Mac Os X, Android and 4 more | 2025-04-11 | N/A |
| Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors. | ||||
| CVE-2011-2429 | 7 Adobe, Apple, Google and 4 more | 7 Flash Player, Mac Os X, Android and 4 more | 2025-04-11 | N/A |
| Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, related to a "security control bypass." | ||||
| CVE-2011-2437 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-04-11 | N/A |
| Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2434. | ||||
| CVE-2011-0311 | 2 Ibm, Redhat | 4 Java, Runtimes For Java Technology, Rhel Extras and 1 more | 2025-04-11 | N/A |
| The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read. | ||||
| CVE-2010-4383 | 4 Apple, Linux, Realnetworks and 1 more | 5 Mac Os X, Linux Kernel, Realplayer and 2 more | 2025-04-11 | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 12.0.0.1444, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified impact via a crafted RA5 file. | ||||
| CVE-2010-4392 | 3 Linux, Realnetworks, Redhat | 4 Linux Kernel, Realplayer, Realplayer Sp and 1 more | 2025-04-11 | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.1.2 and 2.1.3, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via crafted ImageMap data in a RealMedia file, related to certain improper integer calculations. | ||||
| CVE-2012-3954 | 4 Canonical, Debian, Isc and 1 more | 4 Ubuntu Linux, Debian Linux, Dhcp and 1 more | 2025-04-11 | N/A |
| Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests. | ||||
| CVE-2011-0541 | 2 Fuse, Redhat | 2 Fuse, Enterprise Linux | 2025-04-11 | N/A |
| fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack. | ||||
| CVE-2012-0031 | 5 Apache, Debian, Opensuse and 2 more | 13 Http Server, Debian Linux, Opensuse and 10 more | 2025-04-11 | N/A |
| scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function. | ||||
| CVE-2011-3146 | 2 Gnome, Redhat | 2 Librsvg, Enterprise Linux | 2025-04-11 | N/A |
| librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive. | ||||
| CVE-2011-2834 | 4 Apple, Debian, Google and 1 more | 9 Iphone Os, Mac Os X, Debian Linux and 6 more | 2025-04-11 | N/A |
| Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | ||||
| CVE-2011-0627 | 7 Adobe, Apple, Google and 4 more | 7 Flash Player, Mac Os X, Android and 4 more | 2025-04-11 | N/A |
| Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content, as possibly exploited in the wild in May 2011 by a Microsoft Office document with an embedded .swf file. | ||||