Export limit exceeded: 23476 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23476 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4247 | 4 Apple, Microsoft, Realnetworks and 1 more | 7 Mac Os X, Windows, Helix Player and 4 more | 2025-04-11 | N/A |
| Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow." | ||||
| CVE-2009-4245 | 4 Apple, Microsoft, Realnetworks and 1 more | 7 Mac Os X, Windows, Helix Player and 4 more | 2025-04-11 | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp. | ||||
| CVE-2013-2217 | 3 Jeff Ortel, Opensuse, Redhat | 3 Suds, Opensuse, Enterprise Linux | 2025-04-11 | N/A |
| cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/. | ||||
| CVE-2009-2902 | 2 Apache, Redhat | 5 Tomcat, Certificate System, Enterprise Linux and 2 more | 2025-04-11 | N/A |
| Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename. | ||||
| CVE-2008-3279 | 2 Mielke, Redhat | 2 Brltty, Enterprise Linux | 2025-04-11 | N/A |
| Untrusted search path vulnerability in libbrlttybba.so in brltty 3.7.2 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting. | ||||
| CVE-2013-5721 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-11 | N/A |
| The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||||
| CVE-2011-3647 | 2 Mozilla, Redhat | 3 Firefox, Thunderbird, Enterprise Linux | 2025-04-11 | N/A |
| The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior, a related issue to CVE-2011-3004. | ||||
| CVE-2010-0622 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-11 | N/A |
| The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space. | ||||
| CVE-2004-2766 | 2 Redhat, Sun | 4 Enterprise Linux, Iplanet Messaging Server, One Messaging Server and 1 more | 2025-04-11 | N/A |
| Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02 allows remote attackers to obtain unspecified "access" to e-mail via a crafted e-mail message, related to a "session hijacking" issue, a different vulnerability than CVE-2005-2022 and CVE-2006-5486. | ||||
| CVE-2010-0309 | 2 Linux, Redhat | 3 Kernel, Enterprise Linux, Rhel Virtualization | 2025-04-11 | N/A |
| The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83 does not properly use the pit_state data structure, which allows guest OS users to cause a denial of service (host OS crash or hang) by attempting to read the /dev/port file. | ||||
| CVE-2010-0306 | 2 Kvm Qumranet, Redhat | 3 Kvm, Enterprise Linux, Rhel Virtualization | 2025-04-11 | N/A |
| The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) to restrict instruction execution, which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region, and replacing an instruction in between emulator entry and instruction fetch, a related issue to CVE-2010-0298. | ||||
| CVE-2010-0291 | 3 Debian, Linux, Redhat | 4 Debian Linux, Linux Kernel, Enterprise Linux and 1 more | 2025-04-11 | N/A |
| The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess." | ||||
| CVE-2010-0187 | 2 Adobe, Redhat | 3 Adobe Air, Flash Player, Rhel Extras | 2025-04-11 | N/A |
| Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause a denial of service (application crash) via a modified SWF file. | ||||
| CVE-2009-3302 | 4 Apache, Canonical, Debian and 1 more | 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more | 2025-04-11 | N/A |
| filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw." | ||||
| CVE-2012-1127 | 3 Freetype, Mozilla, Redhat | 3 Freetype, Firefox Mobile, Enterprise Linux | 2025-04-11 | N/A |
| FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font. | ||||
| CVE-2011-3200 | 2 Redhat, Rsyslog | 2 Enterprise Linux, Rsyslog | 2025-04-11 | N/A |
| Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message. | ||||
| CVE-2011-3201 | 3 Gnome, Oracle, Redhat | 6 Evolution, Solaris, Enterprise Linux and 3 more | 2025-04-11 | N/A |
| GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email. | ||||
| CVE-2011-3205 | 2 Redhat, Squid-cache | 2 Enterprise Linux, Squid | 2025-04-11 | N/A |
| Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression. | ||||
| CVE-2011-3206 | 2 Redhat, Rhq-project | 2 Jboss Operations Network, Rhq | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in RHQ 4.2.0, as used in JBoss Operations Network (aka JON or JBoss ON) before 3.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-3256 | 2 Apple, Redhat | 3 Iphone Os, Enterprise Linux, Rhel Eus | 2025-04-11 | N/A |
| FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226. | ||||