Max CVSS | 9.3 | Min CVSS | 1.2 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2010-0013 | 5.0 |
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) requ
|
26-01-2024 - 17:47 | 09-01-2010 - 18:30 | |
CVE-2006-2218 | 9.3 |
Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object
|
23-07-2021 - 12:55 | 05-05-2006 - 12:46 | |
CVE-2006-1303 | 9.3 |
Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allow remote attackers to execute arbitrary code by instantiating certain COM objects from Wmm2fxa.dll as ActiveX controls including (1) DXImageTransfo
|
23-07-2021 - 12:55 | 13-06-2006 - 19:06 | |
CVE-2006-2380 | 4.3 |
Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication over SSL, which allows remote attackers to spoof an RPC server, aka the "RPC Mutual Authentication Vulnerability."
|
30-04-2019 - 14:27 | 13-06-2006 - 19:06 | |
CVE-2005-0061 | 7.2 |
The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests.
|
30-04-2019 - 14:27 | 02-05-2005 - 04:00 | |
CVE-2006-0012 | 5.1 |
Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "
|
30-04-2019 - 14:27 | 12-04-2006 - 00:02 | |
CVE-2004-0790 | 5.0 |
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have
|
30-10-2018 - 16:26 | 12-04-2005 - 04:00 | |
CVE-2013-0992 | 6.8 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability
|
30-10-2018 - 16:25 | 20-05-2013 - 14:44 | |
CVE-2013-1005 | 9.3 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability
|
30-10-2018 - 16:25 | 20-05-2013 - 14:44 | |
CVE-2013-1014 | 4.3 |
Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate.
|
30-10-2018 - 16:25 | 20-05-2013 - 14:44 | |
CVE-2013-1004 | 9.3 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability
|
30-10-2018 - 16:25 | 20-05-2013 - 14:44 | |
CVE-2006-5214 | 1.2 |
Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is perf
|
30-10-2018 - 16:25 | 10-10-2006 - 04:06 | |
CVE-2006-0014 | 5.1 |
Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book (WAB) file containing "certain Unicode strings" and modified length values.
|
19-10-2018 - 15:41 | 12-04-2006 - 00:02 | |
CVE-2006-1245 | 7.5 |
Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, a
|
18-10-2018 - 16:31 | 17-03-2006 - 01:02 | |
CVE-2013-2885 | 7.5 |
Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to not properly considering focus during the processing of JavaScript
|
13-08-2018 - 21:47 | 31-07-2013 - 13:20 | |
CVE-2012-3374 | 7.5 |
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message.
|
01-12-2017 - 02:29 | 07-07-2012 - 10:21 | |
CVE-2005-0256 | 5.0 |
The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir com
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 | |
CVE-2013-4927 | 7.8 |
Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop and CPU cons
|
19-09-2017 - 01:36 | 30-07-2013 - 00:56 |