Export limit exceeded: 362846 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (26225 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-0471 | 1 Google | 2 Chrome, Chrome Os | 2025-04-11 | N/A |
| The node-iteration implementation in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 does not properly handle pointers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2011-0485 | 1 Google | 2 Chrome, Chrome Os | 2025-04-11 | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "stale pointer." | ||||
| CVE-2011-0764 | 4 Foolabs, Glyphandcog, Redhat and 1 more | 4 Xpdf, Xpdfreader, Enterprise Linux and 1 more | 2025-04-11 | N/A |
| t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf. | ||||
| CVE-2010-1167 | 1 Fetchmail | 1 Fetchmail | 2025-04-11 | N/A |
| fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted (1) message header or (2) POP3 UIDL list. | ||||
| CVE-2010-4781 | 1 Enanocms | 1 Enano Cms | 2025-04-11 | N/A |
| index.php in Enano CMS 1.1.7pl1, and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2, allows remote attackers to obtain sensitive information via a crafted title parameter, which reveals the installation path in an error message. | ||||
| CVE-2012-4032 | 1 Websitepanel | 1 Websitepanel | 2025-04-11 | N/A |
| Open redirect vulnerability in the login page in WebsitePanel before 1.2.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in ReturnUrl to Default.aspx. | ||||
| CVE-2013-1162 | 1 Cisco | 1 Ios Xr | 2025-04-11 | N/A |
| The traffic engineering (TE) processing subsystem in Cisco IOS XR allows remote attackers to cause a denial of service (process restart) via crafted TE packets, aka Bug ID CSCue04000. | ||||
| CVE-2013-4286 | 2 Apache, Redhat | 11 Tomcat, Enterprise Linux, Jboss Bpms and 8 more | 2025-04-11 | N/A |
| Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header. NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090. | ||||
| CVE-2011-3265 | 1 Zabbix | 1 Zabbix | 2025-04-11 | N/A |
| popup.php in Zabbix before 1.8.7 allows remote attackers to read the contents of arbitrary database tables via a modified srctbl parameter. | ||||
| CVE-2014-0662 | 1 Cisco | 2 Telepresence Video Communication Server Software, Telepresence Video Communication Servers Software | 2025-04-11 | N/A |
| The SIP module in Cisco TelePresence Video Communication Server (VCS) before 8.1 allows remote attackers to cause a denial of service (process failure) via a crafted SDP message, aka Bug ID CSCue97632. | ||||
| CVE-2013-0909 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors. | ||||
| CVE-2013-0939 | 1 Emc | 4 Documentum Records Manager, Documentum Taskspace, Documentum Wdk and 1 more | 2025-04-11 | N/A |
| EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting" issue. | ||||
| CVE-2009-4511 | 1 Vsecurity | 1 Tandberg Video Communication Server | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities in the web administration interface on the TANDBERG Video Communication Server (VCS) before X5.1 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to (1) helppage.php or (2) user/helppage.php. | ||||
| CVE-2011-3363 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-11 | 6.5 Medium |
| The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service (system crash) by placing a referral at the root of a share. | ||||
| CVE-2013-0943 | 1 Emc | 1 Networker | 2025-04-11 | N/A |
| EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin. | ||||
| CVE-2011-3365 | 2 Kde, Redhat | 2 Kde Sc, Enterprise Linux | 2025-04-11 | N/A |
| The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text. | ||||
| CVE-2013-0944 | 1 Emc | 1 Avamar | 2025-04-11 | N/A |
| The web-based file-restore interface in EMC Avamar Server before 6.1.0 allows remote authenticated users to read arbitrary files via a crafted URL. | ||||
| CVE-2011-3366 | 1 Adjam | 1 Rekonq | 2025-04-11 | N/A |
| Rekonq 0.7.0 and earlier does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text. | ||||
| CVE-2013-0945 | 1 Emc | 1 Avamar | 2025-04-11 | N/A |
| EMC Avamar Client before 6.1.101-89 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | ||||
| CVE-2011-3367 | 1 Arora-browser | 1 Arora | 2025-04-11 | N/A |
| Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text. | ||||