Export limit exceeded: 35583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (6832 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-4248 | 1 Realnetworks | 1 Realplayer | 2025-04-11 | N/A |
| RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed AAC file. | ||||
| CVE-2011-4237 | 1 Cisco | 2 Ciscoworks Common Services, Prime Lan Management Solution | 2025-04-11 | N/A |
| CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks Common Services 4.0, as used in Cisco Prime LAN Management Solution and other products, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter, aka Bug ID CSCtu18693. | ||||
| CVE-2013-0614 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0611, and CVE-2013-0618. | ||||
| CVE-2012-0138 | 1 Microsoft | 1 Visio Viewer | 2025-04-11 | N/A |
| Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0137. | ||||
| CVE-2010-0647 | 2 Apple, Google | 2 Webkit, Chrome | 2025-04-11 | N/A |
| WebKit before r53525, as used in Google Chrome before 4.0.249.89, allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a <ruby>><table><rt> sequence. | ||||
| CVE-2010-1055 | 1 Tufat | 1 Osdate | 2025-04-11 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and 2.5.4, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the config[forum_installed] parameter to (1) forum/adminLogin.php and (2) forum/userLogin.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1153 | 1 Typo3 | 1 Typo3 | 2025-04-11 | N/A |
| PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable. | ||||
| CVE-2013-1965 | 1 Apache | 2 Struts, Struts2-showcase | 2025-04-11 | N/A |
| Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect. | ||||
| CVE-2010-2358 | 1 Jeffkilroy | 1 Nakid Cms | 2025-04-11 | N/A |
| PHP remote file inclusion vulnerability in modules/catalog/upload_photo.php in Nakid CMS 0.5.2, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the core[system_path] parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-3832 | 1 Sitracker | 1 Support Incident Tracker | 2025-04-11 | N/A |
| Eval injection vulnerability in config.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated administrators to execute arbitrary PHP code via the application_name parameter in a save action. | ||||
| CVE-2011-3412 | 1 Microsoft | 1 Publisher | 2025-04-11 | N/A |
| Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect memory handling, aka "Publisher Memory Corruption Vulnerability." | ||||
| CVE-2013-0758 | 5 Canonical, Mozilla, Opensuse and 2 more | 16 Ubuntu Linux, Firefox, Seamonkey and 13 more | 2025-04-11 | N/A |
| Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging improper interaction between plugin objects and SVG elements. | ||||
| CVE-2011-3403 | 1 Microsoft | 2 Excel, Office | 2025-04-11 | N/A |
| Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet, aka "Record Memory Corruption Vulnerability." | ||||
| CVE-2010-2748 | 1 Microsoft | 2 Office, Word | 2025-04-11 | N/A |
| Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly check an unspecified boundary during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Boundary Check Vulnerability." | ||||
| CVE-2010-1260 | 1 Microsoft | 7 Ie, Internet Explorer, Windows 2003 Server and 4 more | 2025-04-11 | 7.5 High |
| The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability." | ||||
| CVE-2010-1261 | 1 Microsoft | 6 Internet Explorer, Windows 2003 Server, Windows 7 and 3 more | 2025-04-11 | N/A |
| The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability." | ||||
| CVE-2013-0912 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| WebKit in Google Chrome before 25.0.1364.160 allows remote attackers to execute arbitrary code via vectors that leverage "type confusion." | ||||
| CVE-2011-3378 | 2 Redhat, Rpm | 5 Enterprise Linux, Rhel Els, Rhel Eus and 2 more | 2025-04-11 | N/A |
| RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c. | ||||
| CVE-2011-3285 | 1 Cisco | 2 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software | 2025-04-11 | N/A |
| CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCth63101. | ||||
| CVE-2012-0182 | 1 Microsoft | 1 Word | 2025-04-11 | N/A |
| Microsoft Word 2007 SP2 and SP3 does not properly handle memory during the parsing of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "Word PAPX Section Corruption Vulnerability." | ||||