Export limit exceeded: 363690 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 26282 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (26282 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-0670 2 Iptechinside, Joomla 2 Com Jquarks, Joomla\! 2025-04-11 N/A
Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) Component before 0.2.4 for Joomla! allows attackers to obtain the installation path for Joomla! via unknown vectors.
CVE-2012-3817 2 Isc, Redhat 2 Bind, Enterprise Linux 2025-04-11 N/A
ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries.
CVE-2011-1355 1 Ibm 1 Websphere Application Server 2025-04-11 N/A
Open redirect vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.19 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the logoutExitPage parameter.
CVE-2011-3705 1 Michael Armbruster 1 Arctic Fox Cms 2025-04-11 N/A
Arctic Fox CMS 0.9.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by acp/includes/edit.inc.php and certain other files.
CVE-2011-3704 1 Apprain 1 Apprain 2025-04-11 N/A
appRain 0.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by cron.php.
CVE-2011-3952 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large palette size in a KMVC encoded file.
CVE-2012-4176 1 Adobe 1 Shockwave Player 2025-04-11 N/A
Array index error in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2013-1140 1 Cisco 1 Security Monitoring Analysis And Response System 2025-04-11 N/A
The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
CVE-2011-3703 1 Anecms 1 Anecms 2025-04-11 N/A
AneCMS 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/menu/index.php and certain other files.
CVE-2012-4235 2 Joomla, Rsgallery2 2 Joomla\!, Com Rsgallery2 2025-04-11 N/A
The RSGallery2 (com_rsgallery2) component before 3.2.0 for Joomla! 2.5.x does not place index.html files in image directories, which allows remote attackers to list image filenames via a request for a directory URI.
CVE-2010-1237 1 Google 1 Chrome 2025-04-11 N/A
Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via an empty SVG element.
CVE-2011-3702 1 Anantasoft 1 Ananta Gazelle 2025-04-11 N/A
Ananta Gazelle 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/template.php and certain other files.
CVE-2010-0182 2 Mozilla, Redhat 4 Firefox, Seamonkey, Thunderbird and 1 more 2025-04-11 N/A
The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows attackers to bypass intended access restrictions via crafted content.
CVE-2011-1447 1 Google 1 Chrome 2025-04-11 N/A
Google Chrome before 11.0.696.57 does not properly handle drop-down lists, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
CVE-2010-1258 1 Microsoft 7 Internet Explorer, Windows 2003 Server, Windows 7 and 4 more 2025-04-11 N/A
Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information, via unspecified vectors, aka "Event Handler Cross-Domain Vulnerability."
CVE-2010-1322 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2025-04-11 N/A
The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service (daemon crash), or possibly obtain sensitive information, spoof authorization, or execute arbitrary code, via a TGS request that triggers an uninitialized pointer dereference, as demonstrated by a request from a Windows Active Directory client.
CVE-2012-4390 1 Owncloud 2 Owncloud, Owncloud Server 2025-04-11 N/A
(1) apps/calendar/appinfo/remote.php and (2) apps/contacts/appinfo/remote.php in ownCloud before 4.0.7 allows remote authenticated users to enumerate the registered users via unspecified vectors.
CVE-2011-3701 1 Alegrocart 1 Alegrocart 2025-04-11 N/A
AlegroCart 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by common.php and certain other files.
CVE-2011-1448 1 Google 1 Chrome 2025-04-11 N/A
Google Chrome before 11.0.696.57 does not properly perform height calculations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
CVE-2011-1450 1 Google 1 Chrome 2025-04-11 N/A
Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."