Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2011-2462 | 10.0 |
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory
|
28-06-2024 - 14:21 | 07-12-2011 - 19:55 | |
CVE-2011-2526 | 4.4 |
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restri
|
13-02-2023 - 01:20 | 14-07-2011 - 23:55 | |
CVE-2005-2829 | 5.1 |
Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 allow user-assisted attackers to execute arbitrary code by (1) overlaying a malicious new window above a file download box, then (2) using a keyboard shortcut and delaying the dis
|
23-07-2021 - 12:55 | 14-12-2005 - 11:03 | |
CVE-2011-3408 | 7.2 |
Csrsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not proper
|
28-09-2020 - 12:58 | 14-12-2011 - 00:55 | |
CVE-2011-3414 | 7.8 |
The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 computes hash values for form parameters without restricting the abili
|
28-09-2020 - 12:58 | 30-12-2011 - 01:55 | |
CVE-2011-3414 | 7.8 |
The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 computes hash values for form parameters without restricting the abili
|
28-09-2020 - 12:58 | 30-12-2011 - 01:55 | |
CVE-2011-3408 | 7.2 |
Csrsrv.dll in the Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not proper
|
28-09-2020 - 12:58 | 14-12-2011 - 00:55 | |
CVE-2012-0015 | 9.3 |
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate the length of an unspecified buffer, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET applicati
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2012-0015 | 9.3 |
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate the length of an unspecified buffer, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET applicati
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2011-0780 | 6.8 |
The PDF event handler in Google Chrome before 9.0.597.84 does not properly interact with print operations, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unkn
|
04-06-2020 - 20:45 | 04-02-2011 - 18:00 | |
CVE-2011-0779 | 5.0 |
Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension.
|
04-06-2020 - 20:43 | 04-02-2011 - 18:00 | |
CVE-2011-0777 | 7.5 |
Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading.
|
04-06-2020 - 20:41 | 04-02-2011 - 18:00 | |
CVE-2011-0982 | 10.0 |
Use-after-free vulnerability in Google Chrome before 9.0.597.94 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG font faces.
|
04-06-2020 - 19:33 | 10-02-2011 - 19:00 | |
CVE-2011-0983 | 7.5 |
Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
|
04-06-2020 - 19:33 | 10-02-2011 - 19:00 | |
CVE-2011-1122 | 5.0 |
The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960.
|
04-06-2020 - 19:24 | 01-03-2011 - 23:00 | |
CVE-2011-1124 | 7.5 |
Use-after-free vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to blocked plug-ins.
|
04-06-2020 - 19:17 | 01-03-2011 - 23:00 | |
CVE-2011-1119 | 7.5 |
Google Chrome before 9.0.597.107 does not properly determine device orientation, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
|
04-06-2020 - 19:03 | 01-03-2011 - 23:00 | |
CVE-2011-0985 | 7.5 |
Google Chrome before 9.0.597.94 does not properly perform process termination upon memory exhaustion, which has unspecified impact and remote attack vectors.
|
04-06-2020 - 17:30 | 10-02-2011 - 19:00 | |
CVE-2011-1198 | 7.5 |
The video functionality in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger use of a malformed "out-of-bounds structure."
|
03-06-2020 - 21:16 | 11-03-2011 - 02:01 | |
CVE-2011-1285 | 7.5 |
The regular-expression functionality in Google Chrome before 10.0.648.127 does not properly implement reentrancy, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vec
|
03-06-2020 - 18:57 | 11-03-2011 - 02:01 | |
CVE-2011-1199 | 7.5 |
Google Chrome before 10.0.648.127 does not properly handle DataView objects, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.
|
03-06-2020 - 18:45 | 11-03-2011 - 02:01 | |
CVE-2011-1195 | 7.5 |
Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "document script lifetime handling."
|
03-06-2020 - 18:42 | 11-03-2011 - 02:01 | |
CVE-2011-1465 | 5.0 |
The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service (application exit) by canceling a stream.
|
03-06-2020 - 15:19 | 20-03-2011 - 02:00 | |
CVE-2011-1301 | 9.3 |
Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.
|
29-05-2020 - 21:01 | 15-04-2011 - 19:55 | |
CVE-2011-1291 | 7.5 |
Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error."
|
29-05-2020 - 20:37 | 25-03-2011 - 19:55 | |
CVE-2011-1445 | 6.8 |
Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
22-05-2020 - 18:25 | 03-05-2011 - 22:55 | |
CVE-2011-1446 | 5.8 |
Google Chrome before 11.0.696.57 allows remote attackers to spoof the URL bar via vectors involving (1) a navigation error or (2) an interrupted load.
|
22-05-2020 - 17:48 | 03-05-2011 - 22:55 | |
CVE-2011-1435 | 5.0 |
Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension.
|
22-05-2020 - 17:32 | 03-05-2011 - 22:55 | |
CVE-2011-1814 | 5.8 |
Google Chrome before 12.0.742.91 attempts to read data from an uninitialized pointer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
22-05-2020 - 15:21 | 09-06-2011 - 19:55 | |
CVE-2011-1812 | 7.5 |
Google Chrome before 12.0.742.91 allows remote attackers to bypass intended access restrictions via vectors related to extensions.
|
22-05-2020 - 14:52 | 09-06-2011 - 19:55 | |
CVE-2011-2793 | 6.8 |
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media selectors.
|
21-05-2020 - 01:13 | 03-08-2011 - 00:55 | |
CVE-2011-2805 | 6.8 |
Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors.
|
20-05-2020 - 15:40 | 03-08-2011 - 00:55 | |
CVE-2011-2794 | 6.8 |
Google Chrome before 13.0.782.107 does not properly perform text iteration, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
20-05-2020 - 15:35 | 03-08-2011 - 00:55 | |
CVE-2011-2784 | 2.1 |
Google Chrome before 13.0.782.107 allows remote attackers to obtain sensitive information via a request for the GL program log, which reveals a local path in an unspecified log entry.
|
20-05-2020 - 15:18 | 03-08-2011 - 00:55 | |
CVE-2011-2361 | 4.3 |
The Basic Authentication dialog implementation in Google Chrome before 13.0.782.107 does not properly handle strings, which might make it easier for remote attackers to capture credentials via a crafted web site.
|
20-05-2020 - 15:15 | 03-08-2011 - 00:55 | |
CVE-2011-2792 | 6.8 |
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal.
|
20-05-2020 - 01:49 | 03-08-2011 - 00:55 | |
CVE-2011-2787 | 4.3 |
Google Chrome before 13.0.782.107 does not properly address re-entrancy issues associated with the GPU lock, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
|
19-05-2020 - 15:13 | 03-08-2011 - 00:55 | |
CVE-2011-2824 | 7.5 |
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes.
|
19-05-2020 - 13:48 | 29-08-2011 - 15:55 | |
CVE-2011-2829 | 7.5 |
Integer overflow in Google Chrome before 13.0.782.215 on 32-bit platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving uniform arrays.
|
19-05-2020 - 13:33 | 29-08-2011 - 15:55 | |
CVE-2011-3873 | 6.8 |
Google Chrome before 14.0.835.202 does not properly implement shader translation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
|
11-05-2020 - 16:30 | 04-10-2011 - 20:55 | |
CVE-2011-2859 | 6.8 |
Google Chrome before 14.0.835.163 uses incorrect permissions for non-gallery pages, which has unspecified impact and attack vectors.
|
08-05-2020 - 19:23 | 19-09-2011 - 12:02 | |
CVE-2011-2852 | 6.8 |
Off-by-one error in Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
08-05-2020 - 19:11 | 19-09-2011 - 12:02 | |
CVE-2011-2843 | 5.0 |
Google Chrome before 14.0.835.163 does not properly handle media buffers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
08-05-2020 - 19:00 | 19-09-2011 - 12:02 | |
CVE-2011-2857 | 6.8 |
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller.
|
08-05-2020 - 17:14 | 19-09-2011 - 12:02 | |
CVE-2011-2858 | 5.0 |
Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
08-05-2020 - 16:26 | 19-09-2011 - 12:02 | |
CVE-2011-3913 | 7.5 |
Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling.
|
08-05-2020 - 14:28 | 13-12-2011 - 21:55 | |
CVE-2011-3912 | 7.5 |
Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters.
|
08-05-2020 - 14:25 | 13-12-2011 - 21:55 | |
CVE-2011-3972 | 5.0 |
The shader translator implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
08-05-2020 - 13:44 | 09-02-2012 - 04:10 | |
CVE-2011-3909 | 5.0 |
The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors.
|
07-05-2020 - 20:19 | 13-12-2011 - 21:55 | |
CVE-2011-3906 | 5.0 |
The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
07-05-2020 - 19:24 | 13-12-2011 - 21:55 | |
CVE-2011-3915 | 7.5 |
Buffer overflow in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF fonts.
|
07-05-2020 - 19:11 | 13-12-2011 - 21:55 | |
CVE-2011-3919 | 7.5 |
Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
07-05-2020 - 19:05 | 07-01-2012 - 11:55 | |
CVE-2011-3925 | 7.5 |
Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors related to a navigation
|
07-05-2020 - 18:37 | 24-01-2012 - 04:03 | |
CVE-2011-3926 | 7.5 |
Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
07-05-2020 - 18:36 | 24-01-2012 - 04:03 | |
CVE-2011-3910 | 5.0 |
Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
07-05-2020 - 13:51 | 13-12-2011 - 21:55 | |
CVE-2011-3964 | 5.8 |
Google Chrome before 17.0.963.46 does not properly implement the drag-and-drop feature, which makes it easier for remote attackers to spoof the URL bar via unspecified vectors.
|
17-04-2020 - 13:34 | 09-02-2012 - 04:10 | |
CVE-2011-3018 | 7.5 |
Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to path rendering.
|
16-04-2020 - 17:25 | 16-02-2012 - 20:55 | |
CVE-2011-3073 | 6.8 |
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources.
|
14-04-2020 - 14:28 | 05-04-2012 - 22:02 | |
CVE-2006-0002 | 7.5 |
Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulatio
|
09-04-2020 - 13:29 | 10-01-2006 - 22:03 | |
CVE-2002-0151 | 7.2 |
Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.
|
30-04-2019 - 14:27 | 04-04-2002 - 05:00 | |
CVE-2011-2455 | 10.0 |
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (me
|
29-11-2018 - 15:41 | 11-11-2011 - 16:55 | |
CVE-2011-2450 | 10.0 |
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (he
|
29-11-2018 - 15:37 | 11-11-2011 - 16:55 | |
CVE-2010-4476 | 5.0 |
The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows rem
|
30-10-2018 - 16:26 | 17-02-2011 - 19:00 | |
CVE-2011-0866 | 7.6 |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and
|
30-10-2018 - 16:26 | 14-06-2011 - 18:55 | |
CVE-2010-0846 | 7.5 |
Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: t
|
30-10-2018 - 16:26 | 01-04-2010 - 16:30 | |
CVE-2011-0862 | 10.0 |
Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and avail
|
30-10-2018 - 16:26 | 14-06-2011 - 18:55 | |
CVE-2004-1154 | 10.0 |
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of securit
|
30-10-2018 - 16:25 | 10-01-2005 - 05:00 | |
CVE-2005-2127 | 7.5 |
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for
|
19-10-2018 - 15:32 | 19-08-2005 - 04:00 | |
CVE-2006-1245 | 7.5 |
Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, a
|
18-10-2018 - 16:31 | 17-03-2006 - 01:02 | |
CVE-2007-6115 | 10.0 |
Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors.
|
15-10-2018 - 21:50 | 23-11-2007 - 20:46 | |
CVE-2007-6112 | 10.0 |
Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
|
15-10-2018 - 21:49 | 23-11-2007 - 20:46 | |
CVE-2011-3413 | 9.3 |
Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory
|
12-10-2018 - 22:01 | 14-12-2011 - 00:55 | |
CVE-2011-1983 | 9.3 |
Use-after-free vulnerability in Microsoft Office 2007 SP2 and SP3, Office 2010 Gold and SP1, and Office for Mac 2011 allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Use After Free Vulnerability."
|
12-10-2018 - 22:01 | 14-12-2011 - 00:55 | |
CVE-2005-2119 | 5.0 |
The MIDL_user_allocate function in the Microsoft Distributed Transaction Coordinator (MSDTC) proxy (MSDTCPRX.DLL) allocates a 4K page of memory regardless of the required size, which allows attackers to overwrite arbitrary memory locations using an i
|
12-10-2018 - 21:37 | 12-10-2005 - 13:04 | |
CVE-2002-1183 | 7.5 |
Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital certificates, allowing remote attackers to execute code, aka "New Variant of Certificate Validation Flaw Could Enable Identity Spoofing" (CAN-2002-0862).
|
12-10-2018 - 21:32 | 11-12-2002 - 05:00 | |
CVE-2008-1562 | 5.0 |
The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740.
|
11-10-2018 - 20:35 | 31-03-2008 - 22:44 | |
CVE-2010-0845 | 5.1 |
Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Per: http://www.ora
|
10-10-2018 - 19:54 | 01-04-2010 - 16:30 | |
CVE-2012-1796 | 7.2 |
Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 on UNIX, allows local users to gain privileges via unknown vectors.
|
10-01-2018 - 02:29 | 20-03-2012 - 20:55 | |
CVE-2011-3554 | 10.0 |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confident
|
06-01-2018 - 02:29 | 19-10-2011 - 21:55 | |
CVE-2010-4474 | 2.1 |
Unspecified vulnerability in the Java DB component in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows local users to affect confidentiality via unknown vectors related to Security, a similar vulnerability to CVE-2009-4269.
|
22-12-2017 - 02:29 | 17-02-2011 - 19:00 | |
CVE-2011-0788 | 7.6 |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, in
|
22-12-2017 - 02:29 | 14-06-2011 - 18:55 | |
CVE-2006-4331 | 5.0 |
Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark (formerly Ethereal) 0.99.2 allow remote attackers to cause a denial of service (crash) via unspecified vectors.
|
11-10-2017 - 01:31 | 24-08-2006 - 20:04 | |
CVE-2006-0436 | 7.2 |
Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privileges via unknown attack vectors.
|
11-10-2017 - 01:30 | 26-01-2006 - 11:07 | |
CVE-2008-3794 | 6.8 |
Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and
|
29-09-2017 - 01:31 | 26-08-2008 - 15:41 | |
CVE-2008-3732 | 9.3 |
Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TTA file, which triggers a heap-based bu
|
29-09-2017 - 01:31 | 20-08-2008 - 16:41 | |
CVE-2008-0296 | 10.0 |
Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.
|
29-09-2017 - 01:30 | 16-01-2008 - 22:00 | |
CVE-2011-3664 | 6.8 |
Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey before 2.6 on Mac OS X do not properly handle certain DOM frame deletions by plugins, which allows remote attackers to cause a denial of service (incorrect pointer dereference and appl
|
19-09-2017 - 01:34 | 21-12-2011 - 04:02 | |
CVE-2011-4694 | 9.3 |
Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote attackers to execute arbitrary code via a crafted SWF file, as demonstrated by the second of two vulnerabilities exploited by the Intevydis vd_adobe_fp
|
19-09-2017 - 01:34 | 07-12-2011 - 20:55 | |
CVE-2011-2989 | 10.0 |
The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement WebGL, which allows remote attackers to cause a denial of service (memory corruption and appl
|
19-09-2017 - 01:33 | 18-08-2011 - 18:55 | |
CVE-2011-2981 | 9.3 |
The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Sam
|
19-09-2017 - 01:33 | 18-08-2011 - 18:55 | |
CVE-2011-0445 | 5.0 |
The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap.
|
19-09-2017 - 01:32 | 13-01-2011 - 01:00 | |
CVE-2011-1087 | 7.6 |
Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark
|
19-09-2017 - 01:32 | 03-05-2011 - 19:55 | |
CVE-2010-3737 | 3.5 |
Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (heap memory consumption) by executing a (1) user-defined function (UDF) or (2) stored procedure while
|
19-09-2017 - 01:31 | 05-10-2010 - 18:00 | |
CVE-2011-0067 | 5.0 |
Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the au
|
19-09-2017 - 01:31 | 07-05-2011 - 18:55 | |
CVE-2011-0084 | 10.0 |
The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text,
|
19-09-2017 - 01:31 | 18-08-2011 - 18:55 | |
CVE-2010-0645 | 9.3 |
Multiple integer overflows in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.
|
19-09-2017 - 01:30 | 18-02-2010 - 18:00 | |
CVE-2010-0462 | 6.5 |
Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows remote authenticated users to have an unspecified impact via a SELECT statement that has a long column name generated with the REPEAT function.
|
19-09-2017 - 01:30 | 28-01-2010 - 20:30 | |
CVE-2010-0643 | 4.3 |
Google Chrome before 4.0.249.89 attempts to make direct connections to web sites when all configured proxy servers are unavailable, which allows remote HTTP servers to obtain potentially sensitive information about the identity of a client user via s
|
19-09-2017 - 01:30 | 18-02-2010 - 18:00 | |
CVE-2010-0656 | 4.3 |
WebKit before r51295, as used in Google Chrome before 4.0.249.78, presents a directory-listing page in response to an XMLHttpRequest for a file:/// URL that corresponds to a directory, which allows attackers to obtain sensitive information or possibl
|
19-09-2017 - 01:30 | 18-02-2010 - 18:00 |