Total
250066 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0277 | 2 Adium, Pidgin | 2 Adium, Pidgin | 2023-12-10 | 5.0 MEDIUM | N/A |
| slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a different issue than CVE-2010-0013. | |||||
| CVE-2011-5006 | 1 Qqplayer | 1 Qqplayer | 2023-12-10 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in QQPlayer 3.2.845 allows remote attackers to execute arbitrary code via a crafted PnSize value in a MOV file. | |||||
| CVE-2010-0446 | 1 Hp | 1 Dreamscreen | 2023-12-10 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability on the HP DreamScreen 100 and 130 with firmware before 1.6.0.0, when using a web-connected configuration, allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2010-2697 | 1 Sijio | 1 Community Software | 2023-12-10 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Sijio Community Software allows remote authenticated users to inject arbitrary web script or HTML via the title parameter when adding a new blog, related to edit_blog/index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-0111 | 2 Apple, Microsoft | 6 Itunes, Webkit, Windows and 3 more | 2023-12-10 | 7.6 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | |||||
| CVE-2011-4875 | 1 Siemens | 5 Simatic Hmi Panels, Wincc, Wincc Flexible and 2 more | 2023-12-10 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute arbitrary code via vectors related to Unicode strings. | |||||
| CVE-2010-1234 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to truncate the URL shown in the HTTP Basic Authentication dialog via unknown vectors. | |||||
| CVE-2012-1194 | 1 Microsoft | 1 Windows Server 2008 | 2023-12-10 | 6.4 MEDIUM | N/A |
| The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack. | |||||
| CVE-2011-0053 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2023-12-10 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2011-0828 | 1 Oracle | 1 Peoplesoft Enterprise | 2023-12-10 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle #13 allows remote attackers to affect integrity via unknown vectors related to Application Portal. | |||||
| CVE-2011-2100 | 2 Adobe, Microsoft | 3 Acrobat, Acrobat Reader, Windows | 2023-12-10 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory. | |||||
| CVE-2010-0151 | 1 Cisco | 11 5500 Series Adaptive Security Appliance, 5505 Series Adaptive Security Appliance, 5510 Series Adaptive Security Appliance and 8 more | 2023-12-10 | 7.8 HIGH | N/A |
| The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in for the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message. | |||||
| CVE-2010-1629 | 1 Phorum | 1 Phorum | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Phorum before 5.2.15 allows remote attackers to inject arbitrary web script or HTML via an invalid email address. | |||||
| CVE-2009-4539 | 1 Sqlitemanager | 1 Sqlitemanager | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in main.php in SQLiteManager 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter. | |||||
| CVE-2011-4101 | 1 Wireshark | 1 Wireshark | 2023-12-10 | 4.3 MEDIUM | N/A |
| The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. | |||||
| CVE-2011-2976 | 1 Mozilla | 1 Bugzilla | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, and 3.4.x before 3.4.12 allows remote attackers to inject arbitrary web script or HTML via vectors involving a BUGLIST cookie. | |||||
| CVE-2011-2791 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | N/A |
| The International Components for Unicode (ICU) functionality in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. | |||||
| CVE-2011-3368 | 1 Apache | 1 Http Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial @ (at sign) character. | |||||
| CVE-2010-2943 | 4 Avaya, Canonical, Linux and 1 more | 10 Aura Communication Manager, Aura Presence Services, Aura Session Manager and 7 more | 2023-12-10 | 6.4 MEDIUM | 8.1 HIGH |
| The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle. | |||||
| CVE-2010-3004 | 2 Hp, Microsoft | 2 Operations Agent, Windows | 2023-12-10 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on Windows allows remote attackers to execute arbitrary code via unknown vectors. | |||||