Search Results (4046 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-1646 6 Canonical, Debian, Google and 3 more 11 Ubuntu Linux, Debian Linux, Chrome and 8 more 2026-04-21 8.8 High
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2016-5195 7 Canonical, Debian, Fedoraproject and 4 more 24 Ubuntu Linux, Debian Linux, Fedora and 21 more 2026-04-21 7.0 High
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
CVE-2005-1841 2 Adobe, Redhat 2 Acrobat Reader, Rhel Extras 2026-04-16 N/A
The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, HP-UX, and AIX creates temporary files with the permissions as specified in a user's umask, which could allow local users to read PDF documents of that user if the umask allows it.
CVE-2005-2628 2 Macromedia, Redhat 2 Flash Player, Rhel Extras 2026-04-16 N/A
Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.
CVE-2005-2922 2 Realnetworks, Redhat 6 Helix Player, Realone Player, Realplayer and 3 more 2026-04-16 N/A
Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header.
CVE-2005-0711 3 Mysql, Oracle, Redhat 4 Mysql, Mysql, Enterprise Linux and 1 more 2026-04-16 N/A
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
CVE-2005-0611 2 Realnetworks, Redhat 5 Helix Player, Realone Player, Realplayer and 2 more 2026-04-16 N/A
Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files.
CVE-2004-0387 2 Realnetworks, Redhat 3 Realone Player, Realplayer, Rhel Extras 2026-04-16 N/A
Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file.
CVE-2005-0189 2 Realnetworks, Redhat 3 Realone Player, Realplayer, Rhel Extras 2026-04-16 N/A
Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute arbitrary code via a long ShowPreferences argument.
CVE-2006-3587 2 Adobe, Redhat 2 Flash Player, Rhel Extras 2026-04-16 N/A
Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to execute arbitrary commands via a malformed .swf file that results in "multiple improper memory access" errors.
CVE-2005-1080 2 Redhat, Sun 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more 2026-04-16 N/A
Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file.
CVE-2004-0630 2 Adobe, Redhat 2 Acrobat Reader, Rhel Extras 2026-04-16 N/A
The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command.
CVE-2006-0323 2 Realnetworks, Redhat 5 Helix Player, Realone Player, Realplayer and 2 more 2026-04-16 N/A
Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations.
CVE-2004-0550 2 Realnetworks, Redhat 2 Realplayer, Rhel Extras 2026-04-16 N/A
Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters.
CVE-2005-0191 2 Realnetworks, Redhat 3 Realone Player, Realplayer, Rhel Extras 2026-04-16 N/A
Off-by-one buffer overflow in the processing of tags in Real Metadata Package (RMP) files in RealPlayer 10.5 (6.0.12.1040) and earlier could allow remote attackers to execute arbitrary code via a long tag.
CVE-2005-0755 2 Realnetworks, Redhat 5 Helix Player, Realone Player, Realplayer and 2 more 2026-04-16 N/A
Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file.
CVE-2005-0709 3 Mysql, Oracle, Redhat 4 Mysql, Mysql, Enterprise Linux and 1 more 2026-04-16 N/A
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
CVE-2005-0455 2 Realnetworks, Redhat 4 Realone Player, Realplayer, Enterprise Linux and 1 more 2026-04-16 N/A
Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value.
CVE-2006-4640 2 Adobe, Redhat 2 Flash Player, Rhel Extras 2026-04-16 N/A
Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows user-assisted remote attackers to bypass the allowScriptAccess protection via unspecified vectors.
CVE-2006-4339 2 Openssl, Redhat 4 Openssl, Enterprise Linux, Network Satellite and 1 more 2026-04-16 N/A
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.