Total
246967 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-0004 | 1 Matomo | 1 Matomo | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Piwik before 1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2010-3177 | 1 Mozilla | 2 Firefox, Seamonkey | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server. | |||||
CVE-2011-1124 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to blocked plug-ins. | |||||
CVE-2011-1100 | 1 Pixelpost | 1 Pixelpost | 2023-12-10 | 6.5 MEDIUM | N/A |
Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action. | |||||
CVE-2011-4500 | 2 Cisco, Linksys | 2 Linksys Wrt54gx Router Firmware, Wrt54gx | 2023-12-10 | 7.5 HIGH | N/A |
The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware 2.00.05, when UPnP is enabled, configures the SOAP server to listen on the WAN port, which allows remote attackers to administer the firewall via SOAP requests. | |||||
CVE-2011-0221 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2023-12-10 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||||
CVE-2011-0677 | 1 Microsoft | 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more | 2023-12-10 | 7.2 HIGH | N/A |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability." | |||||
CVE-2002-2434 | 1 Novell | 2 Netware, Netware Ftp Server | 2023-12-10 | 5.0 MEDIUM | N/A |
NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions. | |||||
CVE-2010-4284 | 1 Samsung | 1 Data Management Server | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2011-2224 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2023-12-10 | 4.3 MEDIUM | N/A |
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors. | |||||
CVE-2010-4721 | 1 Mhproducts | 1 Immo Makler | 2023-12-10 | 7.5 HIGH | N/A |
SQL injection vulnerability in news.php in Immo Makler allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
CVE-2011-2761 | 1 Google | 1 Chrome | 2023-12-10 | 4.3 MEDIUM | N/A |
Google Chrome 14.0.794.0 does not properly handle a reload of a page generated in response to a POST, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web site, related to GetWidget methods. | |||||
CVE-2011-1851 | 1 Hp | 1 Intelligent Management Center | 2023-12-10 | 10.0 HIGH | N/A |
Stack-based buffer overflow in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long mode field. | |||||
CVE-2011-0946 | 1 Cisco | 2 Ios, Ios Xe | 2023-12-10 | 7.8 HIGH | N/A |
The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) via malformed NetMeeting Directory (aka Internet Locator Service or ILS) LDAP traffic, aka Bug ID CSCtd10712. | |||||
CVE-2012-0309 | 1 Cogentdatahub | 3 Cascade Datahub, Cogent Datahub, Opc Datahub | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier, and OPC DataHub 6.4.20 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2010-3987 | 1 Hp | 1 Insight Control Virtual Machine Management | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2010-4246 | 1 Bsdperimeter | 1 Pfsense | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in graph.php in pfSense 1.2.3 and 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via the (1) ifnum or (2) ifname parameter, a different vulnerability than CVE-2008-1182. | |||||
CVE-2011-4244 | 1 Realnetworks | 1 Realplayer | 2023-12-10 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the RealVideo renderer in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2011-0191 | 2 Apple, Microsoft | 5 Itunes, Windows, Windows 7 and 2 more | 2023-12-10 | 9.3 HIGH | N/A |
Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding. | |||||
CVE-2010-4971 | 2 Joomla, Videowhisper | 2 Joomla\!, Php 2 Way Video Chat | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 Way Video Chat component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the r parameter to index.php. |