Total
247027 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-4784 | 1 Nvidia | 1 Stereoscopic 3d Driver | 2023-12-10 | 7.2 HIGH | N/A |
| The NVIDIA Stereoscopic 3D driver before 7.17.12.7565 does not properly handle commands sent to a named pipe, which allows local users to gain privileges via a crafted application. | |||||
| CVE-2011-0694 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2023-12-10 | 9.3 HIGH | N/A |
| RealNetworks RealPlayer 11.0 through 11.1, SP 1.0 through 1.1.5, and 14.0.0 through 14.0.1, and Enterprise 2.0 through 2.1.4, uses predictable names for temporary files, which allows remote attackers to conduct cross-domain scripting attacks and execute arbitrary code via the OpenURLinPlayerBrowser function. | |||||
| CVE-2011-2172 | 1 Ibm | 1 Websphere Portal | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the search center in IBM WebSphere Portal 7.0.0.1 before CF004 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-0792 | 1 Thibault Godouet | 1 Fcron | 2023-12-10 | 1.9 LOW | N/A |
| fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file. | |||||
| CVE-2011-4868 | 1 Isc | 1 Dhcp | 2023-12-10 | 6.1 MEDIUM | N/A |
| The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update. | |||||
| CVE-2009-4683 | 1 Scriptsez | 1 Good\/bad Vote | 2023-12-10 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in vote.php in Good/Bad Vote allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter in a dovote action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-0901 | 1 Erick Woods | 1 Terminal Server Client | 2023-12-10 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allow user-assisted remote attackers to execute arbitrary code via a .RDP file with a long (1) username, (2) password, or (3) domain argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-4854 | 1 Zuitu | 1 Zuitu | 2023-12-10 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in ajax/coupon.php in Zuitu 1.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a consume action. | |||||
| CVE-2010-0647 | 2 Apple, Google | 2 Webkit, Chrome | 2023-12-10 | 9.3 HIGH | N/A |
| WebKit before r53525, as used in Google Chrome before 4.0.249.89, allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a <ruby>><table><rt> sequence. | |||||
| CVE-2010-0533 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in AFP Server in Apple Mac OS X before 10.6.3 allows remote attackers to list a share root's parent directory, and read and modify files in that directory, via unspecified vectors. | |||||
| CVE-2010-0683 | 1 Tibco | 1 Administrator | 2023-12-10 | 6.0 MEDIUM | N/A |
| Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator 5.4.0 through 5.6.0, when JMS transport is used, allows remote authenticated users to execute arbitrary code on all domain nodes via vectors related to leveraging administrative credentials. | |||||
| CVE-2010-2311 | 1 Power-tab | 1 Power Tab Editor | 2023-12-10 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Power Tab Editor 1.7 build 80 allows user-assisted remote attackers to execute arbitrary code via a .ptb file with a long font name. | |||||
| CVE-2010-1092 | 1 Scriptsfeed | 1 Business Directory Software | 2023-12-10 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.php in ScriptsFeed Business Directory Software allow remote attackers to execute arbitrary SQL commands via the (1) us and (2) ps parameters. | |||||
| CVE-2010-4421 | 1 Oracle | 1 Database Server | 2023-12-10 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2010-1462 | 1 Webasyst Llc | 1 Shop-script | 2023-12-10 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in WebAsyst Shop-Script FREE has unknown impact and attack vectors via the sub parameter. | |||||
| CVE-2011-2652 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted archive file list that is used in an overlay file. | |||||
| CVE-2011-4614 | 1 Typo3 | 1 Typo3 | 2023-12-10 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x before 4.6.2, and development versions of 4.7 allows remote attackers to execute arbitrary PHP code via a URL in the BACK_PATH parameter. | |||||
| CVE-2010-0167 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2023-12-10 | 9.3 HIGH | N/A |
| The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors related to (1) layout/generic/nsBlockFrame.cpp and (2) the _evaluate function in modules/plugin/base/src/nsNPAPIPlugin.cpp. | |||||
| CVE-2011-2642 | 1 Phpmyadmin | 1 Phpmyadmin | 2023-12-10 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name. | |||||
| CVE-2011-3990 | 1 Pukiwiki | 1 Pukiwiki Plus\! | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in plugin/comment.inc.php in PukiWiki Plus! 1.4.7plus-u2-i18n and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||