Total: 29456 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-5210 | 1 Soraxsoft | 1 Sorax Reader | 2025-04-11 | 6.9 MEDIUM | N/A |
Untrusted search path vulnerability in Sorax Reader 2.0.3129.70 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information. | |||||
CVE-2011-5032 | 1 Winmount | 1 Winmount | 2025-04-11 | 4.9 MEDIUM | N/A |
WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted 0x87342000 IOCTL request to the WMDriver device. | |||||
CVE-2012-0860 | 1 Redhat | 1 Enterprise Virtualization Manager | 2025-04-11 | 6.2 MEDIUM | N/A |
Multiple untrusted search path vulnerabilities in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when adding a host, allow local users to gain privileges via a Trojan horse (1) deployUtil.py or (2) vds_bootstrap.py Python module in /tmp/. | |||||
CVE-2010-2283 | 1 Wireshark | 1 Wireshark | 2025-04-11 | 3.3 LOW | N/A |
The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. | |||||
CVE-2013-1164 | 1 Cisco | 7 Asr 1001, Asr 1002, Asr 1002-x and 4 more | 2025-04-11 | 7.8 HIGH | N/A |
Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 multicast packets, aka Bug ID CSCtz97563. | |||||
CVE-2012-0958 | 1 Ps Project Management Team | 1 Unity-firefox-extension | 2025-04-11 | 4.3 MEDIUM | N/A |
content/unity-api.js in the unity-firefox-extension extension 2.4.1 for Firefox exposes the toDataURL function in an API call, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted webpage. | |||||
CVE-2012-3437 | 1 Imagemagick | 1 Imagemagick | 2025-04-11 | 4.3 MEDIUM | N/A |
The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation. | |||||
CVE-2012-3730 | 1 Apple | 1 Iphone Os | 2025-04-11 | 4.3 MEDIUM | N/A |
Mail in Apple iOS before 6 does not properly handle reuse of Content-ID header values, which allows remote attackers to spoof attachments via a header value that was also used in a previous e-mail message, as demonstrated by a message from a different sender. | |||||
CVE-2010-0151 | 1 Cisco | 11 5500 Series Adaptive Security Appliance, 5505 Series Adaptive Security Appliance, 5510 Series Adaptive Security Appliance and 8 more | 2025-04-11 | 7.8 HIGH | N/A |
The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message. | |||||
CVE-2012-2764 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-04-11 | 7.2 HIGH | N/A |
Untrusted search path vulnerability in Google Chrome before 20.0.1132.43 on Windows might allow local users to gain privileges via a Trojan horse Metro DLL in the current working directory. | |||||
CVE-2011-2401 | 1 Hp | 1 Sitescope | 2025-04-11 | 8.3 HIGH | N/A |
Session fixation vulnerability in HP SiteScope 9.x, 10.x, and 11.x allows remote attackers to hijack web sessions via unspecified vectors. | |||||
CVE-2011-1975 | 1 Microsoft | 2 Windows 7, Windows Server 2008 | 2025-04-11 | 9.3 HIGH | N/A |
Untrusted search path vulnerability in the Data Access Tracing component in Windows Data Access Components (Windows DAC) 6.0 in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an Excel .xlsx file, aka "Data Access Components Insecure Library Loading Vulnerability." | |||||
CVE-2010-0408 | 1 Apache | 1 Http Server | 2025-04-11 | 5.0 MEDIUM | N/A |
The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service (backend server outage) via a crafted request, related to use of a 500 error code instead of the appropriate 400 error code. | |||||
CVE-2012-3693 | 1 Apple | 1 Safari | 2025-04-11 | 5.0 MEDIUM | N/A |
Incomplete blacklist vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, by leveraging the availability of IDN support and Unicode fonts to construct unspecified homoglyphs. | |||||
CVE-2012-2832 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
The image-codec implementation in the PDF functionality in Google Chrome before 20.0.1132.43 does not initialize an unspecified pointer, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | |||||
CVE-2010-5267 | 1 Munsoft | 1 Easy Office Recovery | 2025-04-11 | 6.9 MEDIUM | N/A |
Untrusted search path vulnerability in MunSoft Easy Office Recovery 1.1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .doc, .xls, or .ppt file. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-5217 | 1 Tuneup | 2 Tuneup Utilities 2009, Tuneup Utilities 2010 | 2025-04-11 | 6.9 MEDIUM | N/A |
Multiple untrusted search path vulnerabilities in TuneUp Utilities 2009 8.0.3310 and 2010 9.0.4600 allow local users to gain privileges via a Trojan horse (1) wscapi.dll or (2) vclib32.dll file in the current working directory, as demonstrated by a directory that contains a .tvs file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2011-0902 | 2 Oracle, Sun | 2 Sun Microsystems Sunscreen Firewall, Sunos | 2025-04-11 | 6.9 MEDIUM | N/A |
Multiple untrusted search path vulnerabilities in the Java Service in Sun Microsystems SunScreen Firewall on SunOS 5.9 allow local users to execute arbitrary code via a modified (1) PATH or (2) LD_LIBRARY_PATH environment variable. | |||||
CVE-2010-3838 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-11 | 4.0 MEDIUM | N/A |
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table." | |||||
CVE-2010-3148 | 1 Microsoft | 1 Visio | 2025-04-11 | 9.3 HIGH | N/A |
Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .vsd, .vdx, .vst, or .vtx file, aka "Microsoft Visio Insecure Library Loading Vulnerability." |