Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-0121 | 3 Apple, Linux, Realnetworks | 4 Mac Os X, Linux Kernel, Realplayer and 1 more | 2025-04-11 | N/A |
| The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 does not properly perform initialization, which has unspecified impact and attack vectors. | ||||
| CVE-2012-4936 | 1 Patterninsight | 1 Pattern Insight | 2025-04-11 | N/A |
| The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element. | ||||
| CVE-2012-4937 | 1 Patterninsight | 1 Pattern Insight | 2025-04-11 | N/A |
| Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsession_id cookie. | ||||
| CVE-2010-3364 | 1 Vips | 1 Vips | 2025-04-11 | N/A |
| The vips-7.22 script in VIPS 7.22.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | ||||
| CVE-2012-4944 | 1 Agilefleet | 2 Fleetcommander, Fleetcommander Kiosk | 2025-04-11 | N/A |
| Multiple unrestricted file upload vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary code by uploading a file via an unspecified page. | ||||
| CVE-2011-0452 | 1 Lunascape | 1 Lunascape | 2025-04-11 | N/A |
| Untrusted search path vulnerability in the script function in Lunascape before 6.4.3 allows local users to gain privileges via a Trojan horse executable file in the current working directory. | ||||
| CVE-2013-1361 | 1 Lenovo | 1 Thinkpad Bluetooth With Enhanced Data Rate Software | 2025-04-11 | N/A |
| Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software 6.4.0.2900 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as a file that is processed by Lenovo Bluetooth. | ||||
| CVE-2011-0450 | 2 Microsoft, Opera | 2 Windows, Opera Browser | 2025-04-11 | N/A |
| The downloads manager in Opera before 11.01 on Windows does not properly determine the pathname of the filesystem-viewing application, which allows user-assisted remote attackers to execute arbitrary code via a crafted web site that hosts an executable file. | ||||
| CVE-2010-3337 | 1 Microsoft | 1 Office | 2025-04-11 | N/A |
| Untrusted search path vulnerability in Microsoft Office 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Insecure Library Loading Vulnerability." NOTE: this might overlap CVE-2010-3141 and CVE-2010-3142. | ||||
| CVE-2011-3224 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| The User Documentation component in Apple Mac OS X through 10.6.8 uses http sessions for updates to App Store help information, which allows man-in-the-middle attackers to execute arbitrary code by spoofing the http server. | ||||
| CVE-2011-0458 | 1 Google | 1 Picasa | 2025-04-11 | N/A |
| Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory. | ||||
| CVE-2010-3999 | 1 Gnucash | 1 Gnucash | 2025-04-11 | N/A |
| gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | ||||
| CVE-2010-3355 | 1 Erik Hjortsberg | 1 Ember | 2025-04-11 | N/A |
| Ember 0.5.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | ||||
| CVE-2011-5032 | 1 Winmount | 1 Winmount | 2025-04-11 | N/A |
| WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted 0x87342000 IOCTL request to the WMDriver device. | ||||
| CVE-2010-3363 | 1 Roaraudio | 1 Roaraudio | 2025-04-11 | N/A |
| roarify in roaraudio 0.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | ||||
| CVE-2011-3364 | 2 Gnome, Redhat | 3 Ifcfg-rh Plug-in, Networkmanager, Enterprise Linux | 2025-04-11 | N/A |
| Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file. | ||||
| CVE-2011-0502 | 1 Musanim | 1 Music Animation Machine Midi Player | 2025-04-11 | N/A |
| Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly other versions allows user-assisted remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a long line in a MIDI (.mid) file. | ||||
| CVE-2011-0515 | 2 Kingsoft, Kingsoftsecurity | 2 Kingsoft Antivirus, Kingsoft Antivirus | 2025-04-11 | N/A |
| KisKrnl.sys 2011.1.13.89 and earlier in Kingsoft AntiVirus 2011 SP5.2 allows local users to cause a denial of service (crash) via a crafted request that is not properly handled by the KiFastCallEntry hook. | ||||
| CVE-2013-3926 | 1 Atlassian | 1 Crowd | 2025-04-11 | N/A |
| Atlassian Crowd 2.6.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to a "symmetric backdoor." NOTE: as of 20130704, the vendor could not reproduce the issue, stating "We've been unable to substantiate the existence of [CVE-2013-3926]. The author of the article has not contacted Atlassian and has provided no detail, making it difficult to validate the claim... If we can confirm that there is a vulnerability, a patch will be issued. | ||||
| CVE-2012-0429 | 1 Microfocus | 1 Edirectory | 2025-04-11 | N/A |
| dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request. | ||||