Export limit exceeded: 364234 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 364234 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 23538 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23538 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-1948 | 2 Plone, Redhat | 2 Plone, Rhel Cluster | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2011-3000 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2025-04-11 | N/A |
| Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values. | ||||
| CVE-2010-3862 | 1 Redhat | 3 Jboss Enterprise Application Platform, Jboss Enterprise Web Platform, Jboss Remoting | 2025-04-11 | N/A |
| The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x before 2.2.3.SP4 and 2.5.x before 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 through 4.3.0.CP09, and 5.1.0; and JBoss Enterprise Web Platform (aka JBEWP) 5.1.0; allows remote attackers to cause a denial of service (daemon outage) by establishing a bisocket control connection TCP session, and then not sending any application data. | ||||
| CVE-2010-2214 | 2 Adobe, Redhat | 4 Adobe Air, Flash Player, Flash Player For Linux and 1 more | 2025-04-11 | N/A |
| Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2216. | ||||
| CVE-2010-2211 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2212. | ||||
| CVE-2010-3856 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2025-04-11 | N/A |
| ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so. | ||||
| CVE-2010-2206 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow. | ||||
| CVE-2010-2205 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, access uninitialized memory, which allows attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2010-3853 | 2 Linux-pam, Redhat | 2 Linux-pam, Enterprise Linux | 2025-04-11 | N/A |
| pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pam_namespace PAM check, as demonstrated by the sudo program. | ||||
| CVE-2010-2202 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. | ||||
| CVE-2010-0212 | 2 Openldap, Redhat | 2 Openldap, Enterprise Linux | 2025-04-11 | N/A |
| OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite. | ||||
| CVE-2011-0712 | 3 Canonical, Linux, Redhat | 3 Ubuntu Linux, Linux Kernel, Enterprise Linux | 2025-04-11 | N/A |
| Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to (1) the snd_usb_caiaq_audio_init function in sound/usb/caiaq/audio.c and (2) the snd_usb_caiaq_midi_init function in sound/usb/caiaq/midi.c. | ||||
| CVE-2011-1959 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-11 | N/A |
| The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read. | ||||
| CVE-2010-5076 | 3 Digia, Qt, Redhat | 3 Qt, Qt, Enterprise Linux | 2025-04-11 | N/A |
| QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. | ||||
| CVE-2010-0203 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0202. | ||||
| CVE-2010-0202 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0203. | ||||
| CVE-2010-0198 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0199, CVE-2010-0202, and CVE-2010-0203. | ||||
| CVE-2010-2187 | 3 Adobe, Macromedia, Redhat | 4 Air, Flash Player, Flash Player and 1 more | 2025-04-11 | N/A |
| Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188. | ||||
| CVE-2010-0194 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0197, CVE-2010-0201, and CVE-2010-0204. | ||||
| CVE-2011-2482 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2025-04-11 | 7.5 High |
| A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet. | ||||