Total
11013 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-2822 | 2 Google, Microsoft | 2 Chrome, Windows | 2026-04-29 | 10.0 HIGH | N/A |
| Google Chrome before 13.0.782.215 on Windows does not properly parse URLs located on the command line, which has unspecified impact and attack vectors. | |||||
| CVE-2010-4044 | 1 Opera | 1 Opera Browser | 2026-04-29 | 4.3 MEDIUM | N/A |
| Opera before 10.63 does not ensure that the portion of a URL shown in the Address Bar contains the beginning of the URL, which allows remote attackers to spoof URLs by changing a window's size. | |||||
| CVE-2011-1118 | 1 Google | 1 Chrome | 2026-04-29 | 6.8 MEDIUM | N/A |
| Google Chrome before 9.0.597.107 does not properly handle TEXTAREA elements, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document. | |||||
| CVE-2010-4803 | 1 Mojolicious | 1 Mojolicious | 2026-04-29 | 10.0 HIGH | N/A |
| Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors. | |||||
| CVE-2011-1739 | 1 Freebsd | 1 Freebsd | 2026-04-29 | 4.3 MEDIUM | N/A |
| The makemask function in mountd.c in mountd in FreeBSD 7.4 through 8.2 does not properly handle a -network field specifying a CIDR block with a prefix length that is not an integer multiple of 8, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances via an NFS mount request. | |||||
| CVE-2013-1694 | 1 Mozilla | 3 Firefox, Thunderbird, Thunderbird Esr | 2026-04-29 | 7.5 HIGH | N/A |
| The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache's preserved-wrapper flag. | |||||
| CVE-2011-1110 | 1 Google | 1 Chrome | 2026-04-29 | 7.5 HIGH | N/A |
| Google Chrome before 9.0.597.107 does not properly implement key frame rules, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2011-3283 | 1 Cisco | 1 Carrier Routing System | 2026-04-29 | 5.0 MEDIUM | N/A |
| Cisco Carrier Routing System 3.9.1 allows remote attackers to cause a denial of service (Metro subsystem crash) via a fragmented GRE packet, aka Bug ID CSCts14887. | |||||
| CVE-2012-5445 | 1 Cisco | 3 Skinny Client Control Protocol Software, Unified Ip Phone, Unified Ip Phone 7906g | 2026-04-29 | 6.8 MEDIUM | N/A |
| The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 series devices (aka TNP phones) with software before 9.3.1-ES10 does not properly validate unspecified system calls, which allows attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a crafted binary. | |||||
| CVE-2013-0926 | 1 Google | 1 Chrome | 2026-04-29 | 6.8 MEDIUM | N/A |
| Google Chrome before 26.0.1410.43 does not properly handle active content in an EMBED element during a copy-and-paste operation, which allows user-assisted remote attackers to have an unspecified impact via a crafted web site. | |||||
| CVE-2010-2827 | 1 Cisco | 1 Ios | 2026-04-29 | 7.8 HIGH | N/A |
| Cisco IOS 15.1(2)T allows remote attackers to cause a denial of service (resource consumption and TCP outage) via spoofed TCP packets, related to embryonic TCP connections that remain in the SYN_RCVD or SYN_SENT state, aka Bug ID CSCti18193. | |||||
| CVE-2010-3620 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2026-04-29 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3629. | |||||
| CVE-2013-5496 | 1 Cisco | 1 Nx-os | 2026-04-29 | 6.3 MEDIUM | N/A |
| Open Network Environment Platform (ONEP) in Cisco NX-OS allows remote authenticated users to cause a denial of service (network-element reload) via a crafted packet, aka Bug ID CSCui51551. | |||||
| CVE-2013-5175 | 1 Apple | 1 Mac Os X | 2026-04-29 | 6.6 MEDIUM | N/A |
| The kernel in Apple Mac OS X before 10.9 allows local users to obtain sensitive information or cause a denial of service (out-of-bounds read and system crash) via a crafted Mach-O file. | |||||
| CVE-2013-6683 | 1 Cisco | 1 Nx-os | 2026-04-29 | 6.1 MEDIUM | N/A |
| The IPv6 implementation in Cisco NX-OS does not properly handle neighbor-table adjacencies, which allows remote attackers to cause a denial of service (NS processing outage) via a series of malformed packets, aka Bug ID CSCtd15904. | |||||
| CVE-2013-3954 | 1 Apple | 2 Iphone Os, Mac Os X | 2026-04-29 | 6.9 MEDIUM | N/A |
| The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate the data for file actions and port actions, which allows local users to (1) cause a denial of service (panic) via a size value that is inconsistent with a header count field, or (2) obtain sensitive information from kernel heap memory via a certain size value in conjunction with a crafted buffer. | |||||
| CVE-2013-1133 | 1 Cisco | 1 Unified Communications Manager | 2026-04-29 | 7.8 HIGH | N/A |
| Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 BE3k before 8.6(4) BE3k, and 9.x before 9.0(1) allows remote attackers to cause a denial of service (CPU consumption and GUI and voice outages) via malformed packets to unused UDP ports, aka Bug ID CSCtx43337. | |||||
| CVE-2010-2998 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2026-04-29 | 9.3 HIGH | N/A |
| Array index error in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.0.1 allows remote attackers to execute arbitrary code via malformed sample data in a RealMedia .IVR file, related to a "malformed IVR pointer index" issue. | |||||
| CVE-2011-3886 | 1 Google | 2 Chrome, V8 | 2026-04-29 | 6.8 MEDIUM | N/A |
| Google V8, as used in Google Chrome before 15.0.874.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers out-of-bounds write operations. | |||||
| CVE-2011-2842 | 2 Apple, Google | 2 Mac Os X, Chrome | 2026-04-29 | 7.5 HIGH | N/A |
| The installer in Google Chrome before 14.0.835.163 on Mac OS X does not properly handle lock files, which has unspecified impact and attack vectors. | |||||