Max CVSS | 9.3 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-1714 | 4.3 |
The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not properly restrict XMLHttpRequest calls, which allows remo
|
21-10-2024 - 13:55 | 07-08-2013 - 01:55 | |
CVE-2013-1712 | 6.9 |
Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Updater in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, and Thunderbird ESR 17.x before 17.0.8 on Windows 7, Windows Server 2008 R2, W
|
21-10-2024 - 13:55 | 07-08-2013 - 01:55 | |
CVE-2004-0119 | 7.5 |
The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenI
|
15-02-2024 - 21:44 | 01-06-2004 - 04:00 | |
CVE-2005-4089 | 7.1 |
Microsoft Internet Explorer allows remote attackers to bypass cross-domain security restrictions and obtain sensitive information by using the @import directive to download files from other domains that are not valid Cascading Style Sheets (CSS) file
|
23-07-2021 - 12:55 | 08-12-2005 - 11:03 | |
CVE-2006-1626 | 4.3 |
Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a
|
23-07-2021 - 12:55 | 05-04-2006 - 10:04 | |
CVE-2013-3186 | 7.6 |
The Protected Mode feature in Microsoft Internet Explorer 7 through 10 on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly implement the Integrity Access Level (aka
|
28-09-2020 - 12:58 | 14-08-2013 - 11:10 | |
CVE-2013-3186 | 7.6 |
The Protected Mode feature in Microsoft Internet Explorer 7 through 10 on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly implement the Integrity Access Level (aka
|
28-09-2020 - 12:58 | 14-08-2013 - 11:10 | |
CVE-2005-1218 | 5.0 |
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
|
30-04-2019 - 14:27 | 10-08-2005 - 04:00 | |
CVE-2013-1846 | 4.0 |
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL. Per http://lists.o
|
30-10-2018 - 16:27 | 02-05-2013 - 14:55 | |
CVE-2013-3855 | 9.3 |
Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerab
|
12-10-2018 - 22:05 | 11-09-2013 - 14:03 | |
CVE-2013-3190 | 9.3 |
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
|
12-10-2018 - 22:04 | 14-08-2013 - 11:10 | |
CVE-2006-0025 | 9.3 |
Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 allows remote attackers to execute arbitrary code via a PNG image with a large chunk size.
|
12-10-2018 - 21:38 | 13-06-2006 - 19:06 | |
CVE-2008-2955 | 4.3 |
Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplink_process_msg function.
|
11-10-2018 - 20:45 | 01-07-2008 - 22:41 | |
CVE-2012-1178 | 5.0 |
The msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.2 allows remote servers to cause a denial of service (application crash) via an OIM message that lacks UTF-8 encoding.
|
18-01-2018 - 02:29 | 15-03-2012 - 10:55 | |
CVE-2013-4388 | 6.8 |
Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
|
19-09-2017 - 01:36 | 11-10-2013 - 22:55 | |
CVE-2013-2914 | 6.8 |
Use-after-free vulnerability in the color-chooser dialog in Google Chrome before 30.0.1599.66 on Windows allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to color_chooser_dialog.cc and
|
19-09-2017 - 01:36 | 02-10-2013 - 10:35 | |
CVE-2011-3594 | 4.3 |
The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service (crash) via invalid UTF-8 sequences that trigger use o
|
19-09-2017 - 01:34 | 04-11-2011 - 21:55 | |
CVE-2011-2943 | 4.3 |
The irc_msg_who function in msgs.c in the IRC protocol plugin in libpurple 2.8.0 through 2.9.0 in Pidgin before 2.10.0 does not properly validate characters in nicknames, which allows user-assisted remote attackers to cause a denial of service (NULL
|
19-09-2017 - 01:33 | 29-08-2011 - 17:55 |