Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4599 | 1 Ecava | 1 Integraxor | 2025-04-11 | N/A |
| Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-5212 | 1 Adobe | 1 Livecycle Designer Es2 | 2025-04-11 | N/A |
| Untrusted search path vulnerability in Adobe LiveCycle Designer ES2 9.0.0.20091029.1.612548 allows local users to gain privileges via a Trojan horse objectassisten_US.dll file in the current working directory, as demonstrated by a directory that contains a .tds file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-2579 | 3 Apple, Linux, Realnetworks | 4 Mac Os X, Linux Kernel, Realplayer and 1 more | 2025-04-11 | N/A |
| The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 does not properly initialize the number of channels, which allows attackers to obtain unspecified "memory access" via unknown vectors. | ||||
| CVE-2012-3924 | 1 Cisco | 1 Ios | 2025-04-11 | N/A |
| The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCty97961. | ||||
| CVE-2010-5226 | 1 Autodesk | 1 Design Review 2011 | 2025-04-11 | N/A |
| Multiple untrusted search path vulnerabilities in Autodesk Design Review 2011 11.0.0.86 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll, (2) whiptk_wt.7.12.601.dll, or (3) xaml_wt.7.6.0.dll file in the current working directory, as demonstrated by a directory that contains a .dwf file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-1612 | 2 Ibm, Qlogic | 6 Websphere Datapower B2b Appliance Xb60, Websphere Datapower Datapower Integration Appliance Xi50, Websphere Datapower Low Latency Appliance Xm70 and 3 more | 2025-04-11 | N/A |
| The IBM WebSphere DataPower XML Accelerator XA35, Low Latency Appliance XM70, Integration Appliance XI50, B2B Appliance XB60, and XML Security Gateway XS40 SOA Appliances before 3.8.0.0, when a QLOGIC Ethernet interface is used, allow remote attackers to cause a denial of service (interface outage) via malformed ICMP packets to the 0.0.0.0 destination IP address. | ||||
| CVE-2011-4733 | 3 Microsoft, Parallels, Redhat | 3 Windows, Parallels Plesk Panel, Enterprise Linux | 2025-04-11 | N/A |
| The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/admin-home/disable-featured-applications-promo and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue. | ||||
| CVE-2011-1132 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options. | ||||
| CVE-2012-6139 | 2 Opensuse, Xmlsoft | 2 Opensuse, Libxslt | 2025-04-11 | N/A |
| libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c. | ||||
| CVE-2012-6081 | 1 Moinmo | 1 Moinmoin | 2025-04-11 | N/A |
| Multiple unrestricted file upload vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, as exploited in the wild in July 2012. | ||||
| CVE-2011-3481 | 2 Cmu, Redhat | 2 Cyrus Imap Server, Enterprise Linux | 2025-04-11 | N/A |
| The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message. | ||||
| CVE-2012-4337 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Windows 7, Windows Xp | 2025-04-11 | N/A |
| Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references. | ||||
| CVE-2010-5265 | 1 Nirsoft | 1 Smartsniff | 2025-04-11 | N/A |
| Untrusted search path vulnerability in SmartSniff 1.71 allows local users to gain privileges via a Trojan horse wpcap.dll file in the current working directory, as demonstrated by a directory that contains a .cfg or .ssp file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-3964 | 1 Microsoft | 1 Sharepoint Server | 2025-04-11 | N/A |
| Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability." | ||||
| CVE-2010-2285 | 1 Wireshark | 1 Wireshark | 2025-04-11 | N/A |
| The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. | ||||
| CVE-2011-4732 | 3 Microsoft, Parallels, Redhat | 3 Windows, Parallels Plesk Panel, Enterprise Linux | 2025-04-11 | N/A |
| The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving account/power-mode-logout and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue. | ||||
| CVE-2011-3690 | 1 Plotsoft | 1 Pdfill Pdf Editor | 2025-04-11 | N/A |
| Untrusted search path vulnerability in PlotSoft PDFill PDF Editor 8.0 allows local users to gain privileges via a Trojan horse mfc70enu.dll or mfc80loc.dll in the current working directory. | ||||
| CVE-2013-4236 | 1 Redhat | 3 Enterprise Linux, Enterprise Virtualization, Rhev Manager | 2025-04-11 | N/A |
| VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167. | ||||
| CVE-2011-5155 | 1 Helpandmanual | 1 Help \& Manual | 2025-04-11 | N/A |
| Untrusted search path vulnerability in Help & Manual 5.5.1 Build 1296 allows local users to gain privileges via a Trojan horse ijl15.dll file in the current working directory, as demonstrated by a directory that contains a .hmxz, .hmxp, .hmskin, .hmx, .hm3, .hpj, .hlp, or .chm file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2013-4154 | 1 Redhat | 1 Libvirt | 2025-04-11 | N/A |
| The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent is not configured, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to "agent based cpu (un)plug," as demonstrated by the "virsh vcpucount foobar --guest" command. | ||||