Export limit exceeded: 363701 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23530 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-4619 | 2 Openssl, Redhat | 4 Openssl, Enterprise Linux, Jboss Enterprise Application Platform and 1 more | 2025-04-11 | N/A |
| The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||||
| CVE-2011-4610 | 1 Redhat | 6 Jboss Communications Platform, Jboss Enterprise Application Platform, Jboss Enterprise Brms Platform and 3 more | 2025-04-11 | N/A |
| JBoss Web, as used in Red Hat JBoss Communications Platform before 5.1.3, Enterprise Web Platform before 5.1.2, Enterprise Application Platform before 5.1.2, and other products, allows remote attackers to cause a denial of service (infinite loop) via vectors related to a crafted UTF-8 and a "surrogate pair character" that is "at the boundary of an internal buffer." | ||||
| CVE-2011-4603 | 2 Pidgin, Redhat | 2 Pidgin, Enterprise Linux | 2025-04-11 | N/A |
| The silc_channel_message function in ops.c in the SILC protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service (application crash) via a crafted message, a different vulnerability than CVE-2011-3594. | ||||
| CVE-2011-4601 | 2 Pidgin, Redhat | 2 Pidgin, Enterprise Linux | 2025-04-11 | N/A |
| family_feedbag.c in the oscar protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attackers to cause a denial of service (application crash) via a crafted (1) AIM or (2) ICQ message associated with buddy-list addition. | ||||
| CVE-2011-4594 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-11 | 5.5 Medium |
| The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference. | ||||
| CVE-2012-2749 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2025-04-11 | N/A |
| MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index. | ||||
| CVE-2012-1667 | 2 Isc, Redhat | 3 Bind, Enterprise Linux, Rhel Els | 2025-04-11 | N/A |
| ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record. | ||||
| CVE-2012-0769 | 7 Adobe, Apple, Google and 4 more | 8 Flash Player, Flash Player For Android, Mac Os X and 5 more | 2025-04-11 | N/A |
| Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2012-0773 | 8 Adobe, Apple, Google and 5 more | 9 Adobe Air, Flash Player, Mac Os X and 6 more | 2025-04-11 | N/A |
| The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Flash Player before 11.1.111.8 on Android 2.x and 3.x; and AIR before 3.2.0.2070 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2012-0775 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-04-11 | N/A |
| The JavaScript implementation in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2012-0779 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2025-04-11 | N/A |
| Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attackers to execute arbitrary code via a crafted file, related to an "object confusion vulnerability," as exploited in the wild in May 2012. | ||||
| CVE-2012-0789 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2025-04-11 | N/A |
| Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache. | ||||
| CVE-2011-3607 | 2 Apache, Redhat | 3 Http Server, Enterprise Linux, Jboss Enterprise Web Server | 2025-04-11 | N/A |
| Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow. | ||||
| CVE-2012-2745 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-11 | N/A |
| The copy_creds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call. | ||||
| CVE-2012-2744 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2025-04-11 | N/A |
| net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel before 2.6.34, when the nf_conntrack_ipv6 module is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via certain types of fragmented IPv6 packets. | ||||
| CVE-2012-4573 | 2 Openstack, Redhat | 4 Essex, Folsom, Image Registry And Delivery Service \(glance\) and 1 more | 2025-04-11 | N/A |
| The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482. | ||||
| CVE-2012-0583 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2025-04-11 | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM. | ||||
| CVE-2012-2734 | 2 Redhat, Trevor Mckay | 2 Enterprise Mrg, Cumin | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to hijack the authentication of arbitrary users for requests that execute commands via unspecified vectors. | ||||
| CVE-2012-0805 | 2 Redhat, Sqlalchemy | 2 Enterprise Linux, Sqlalchemy | 2025-04-11 | N/A |
| Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the select function, or unspecified vectors to the (3) select.limit or (4) select.offset function. | ||||
| CVE-2011-4746 | 2 Parallels, Redhat | 2 Parallels Plesk Panel, Enterprise Linux | 2025-04-11 | N/A |
| The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 does not disable the SSL 2.0 protocol, which makes it easier for remote attackers to conduct spoofing attacks by leveraging protocol weaknesses. | ||||