Total
246433 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-0722 | 2 Ffmpeg, Mplayerhq | 2 Ffmpeg, Mplayer | 2023-12-10 | 6.8 MEDIUM | N/A |
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file. | |||||
CVE-2011-2102 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2023-12-10 | 9.3 HIGH | N/A |
Unspecified vulnerability in Adobe Reader and Acrobat before 10.1 on Windows and Mac OS X allows attackers to bypass intended access restrictions via unknown vectors. | |||||
CVE-2010-3484 | 1 Lightneasy | 1 Lightneasy | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the handle parameter to LightNEasy.php, a different vector than CVE-2008-6593. | |||||
CVE-2010-1253 | 1 Microsoft | 4 Excel, Office, Office Compatibility Pack and 1 more | 2023-12-10 | 9.3 HIGH | N/A |
Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with crafted DBQueryExt records that allow a function call to a "user-controlled pointer," aka "Excel ADO Object Vulnerability." | |||||
CVE-2011-1764 | 1 Exim | 1 Exim | 2023-12-10 | 7.5 HIGH | N/A |
Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character. | |||||
CVE-2010-4872 | 1 Pilotcart | 1 Pilot Cart | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the specific parameter. | |||||
CVE-2010-1023 | 1 Taskcenter Recent Project | 1 Taskcenter Recent | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the UserTask Center, Recent (taskcenter_recent) extension 0.1.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2011-0480 | 3 Canonical, Debian, Google | 4 Ubuntu Linux, Debian Linux, Chrome and 1 more | 2023-12-10 | 9.3 HIGH | N/A |
Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted WebM file, related to buffers for (1) the channel floor and (2) the channel residue. | |||||
CVE-2011-2419 | 1 Adobe | 1 Shockwave Player | 2023-12-10 | 10.0 HIGH | N/A |
IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
CVE-2008-7265 | 1 Proftpd | 1 Proftpd | 2023-12-10 | 4.0 MEDIUM | N/A |
The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer. | |||||
CVE-2010-4082 | 3 Linux, Opensuse, Suse | 5 Linux Kernel, Opensuse, Linux Enterprise Desktop and 2 more | 2023-12-10 | 1.9 LOW | N/A |
The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a VIAFB_GET_INFO ioctl call. | |||||
CVE-2011-0257 | 1 Apple | 1 Quicktime | 2023-12-10 | 9.3 HIGH | N/A |
Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PnSize opcode in a PICT file that triggers a stack-based buffer overflow. | |||||
CVE-2010-5017 | 1 Eliteladders | 1 Elite Gaming Ladders | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 allows remote attackers to execute arbitrary SQL commands via the account parameter. | |||||
CVE-2010-1796 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2023-12-10 | 2.6 LOW | N/A |
The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields. | |||||
CVE-2010-0048 | 1 Apple | 1 Safari | 2023-12-10 | 9.3 HIGH | N/A |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document. | |||||
CVE-2009-4958 | 1 Emophp | 1 Emo Breeder Manager | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in video.php in EMO Breeder Manager (aka EMO Breader Manager) allows remote attackers to execute arbitrary SQL commands via the idd parameter. | |||||
CVE-2010-4490 | 1 Google | 1 Chrome | 2023-12-10 | 9.3 HIGH | N/A |
Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via malformed video content that triggers an indexing error. | |||||
CVE-2011-1053 | 1 Hex-rays | 1 Ida | 2023-12-10 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service (out-of-memory exception and inability to analyze code) via a crafted Mach-O file. | |||||
CVE-2011-2830 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Google V8, as used in Google Chrome before 14.0.835.163, does not properly implement script object wrappers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2010-1777 | 2 Apple, Microsoft | 5 Itunes, Mac Os X, Windows 7 and 2 more | 2023-12-10 | 9.3 HIGH | N/A |
Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted itpc: URL. |