Export limit exceeded: 23499 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (23499 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-2178 1 Redhat 1 Libvirt 2025-04-11 N/A
The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users to read arbitrary files on the host OS. NOTE: this vulnerability exists because of a CVE-2010-2238 regression.
CVE-2013-4372 1 Redhat 6 Fuse Esb Enterprise, Fuse Management Console, Fuse Mq Enterprise and 3 more 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Fuse Management Console in Red Hat JBoss Fuse 6.0.0 before patch 3 and JBoss A-MQ 6.0.0 before patch 3 allow remote attackers to inject arbitrary web script or HTML via the (1) user field in the create user page or (2) profile version to the create profile page.
CVE-2013-4387 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2025-04-11 N/A
net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet.
CVE-2011-2202 2 Php, Redhat 2 Php, Enterprise Linux 2025-04-11 N/A
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability."
CVE-2013-4415 2 Redhat, Suse 6 Network Satellite, Satellite, Satellite 5 Managed Db and 3 more 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) whereCriteria variable in a software channels search; (2) end_year, (3) start_hour, (4) end_am_pm, (5) end_day, (6) end_hour, (7) end_minute, (8) end_month, (9) end_year, (10) optionScanDateSearch, (11) result_filter, (12) search_string, (13) show_as, (14) start_am_pm, (15) start_day, (16) start_hour, (17) start_minute, (18) start_month, (19) start_year, or (20) whereToSearch variable in an scap audit results search; (21) end_minute, (22) end_month, (23) end_year, (24) errata_type_bug, (25) errata_type_enhancement, (26) errata_type_security, (27) fineGrained, (28) list_1892635924_sortdir, (29) optionIssueDateSearch, (30) start_am_pm, (31) start_day, (32) start_hour, (33) start_minute, (34) start_month, (35) start_year, or (36) view_mode variable in an errata search; or (37) fineGrained variable in a systems search, related to PAGE_SIZE_LABEL_SELECTED.
CVE-2011-2213 2 Linux, Redhat 8 Linux Kernel, Enterprise Linux, Enterprise Linux Aus and 5 more 2025-04-11 N/A
The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880.
CVE-2013-4424 1 Redhat 1 Jboss Enterprise Portal Platform 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the GateIn Portal component in Red Hat JBoss Portal 6.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-2807 4 Apple, Google, Linux and 1 more 4 Iphone Os, Chrome, Linux Kernel and 1 more 2025-04-11 N/A
Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2012-2813 2 Libexif Project, Redhat 2 Libexif, Enterprise Linux 2025-04-11 N/A
The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
CVE-2013-4428 3 Canonical, Openstack, Redhat 3 Ubuntu Linux, Glance, Openstack 2025-04-11 N/A
OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the download_image policy is configured, does not properly restrict access to cached images, which allows remote authenticated users to read otherwise restricted images via an image UUID.
CVE-2012-2825 2 Google, Redhat 2 Chrome, Enterprise Linux 2025-04-11 N/A
The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors.
CVE-2013-0604 2 Adobe, Redhat 3 Acrobat, Acrobat Reader, Rhel Extras 2025-04-11 N/A
Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0603.
CVE-2013-4458 3 Gnu, Redhat, Suse 4 Glibc, Enterprise Linux, Linux Enterprise Debuginfo and 1 more 2025-04-11 N/A
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914.
CVE-2013-0606 2 Adobe, Redhat 3 Acrobat, Acrobat Reader, Rhel Extras 2025-04-11 N/A
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621.
CVE-2012-2837 2 Libexif Project, Redhat 2 Libexif, Enterprise Linux 2025-04-11 N/A
The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (divide-by-zero error) via an image with crafted EXIF tags that are not properly handled during the formatting of EXIF maker note tags.
CVE-2013-0609 2 Adobe, Redhat 3 Acrobat, Acrobat Reader, Rhel Extras 2025-04-11 N/A
Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0613.
CVE-2013-0611 2 Adobe, Redhat 3 Acrobat, Acrobat Reader, Rhel Extras 2025-04-11 N/A
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0614, and CVE-2013-0618.
CVE-2013-0626 2 Adobe, Redhat 3 Acrobat, Acrobat Reader, Rhel Extras 2025-04-11 N/A
Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0610.
CVE-2013-0613 2 Adobe, Redhat 3 Acrobat, Acrobat Reader, Rhel Extras 2025-04-11 N/A
Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0609.
CVE-2013-0633 6 Adobe, Apple, Google and 3 more 6 Flash Player, Mac Os X, Android and 3 more 2025-04-11 N/A
Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013.