Export limit exceeded: 363618 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363618 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0804 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via unspecified vectors. | ||||
| CVE-2013-1969 | 1 Xmlsoft | 1 Libxml2 | 2025-04-11 | N/A |
| Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function. | ||||
| CVE-2013-2145 | 3 Canonical, Opensuse, Perlmonks | 3 Ubuntu Linux, Opensuse, Module\ | 2025-04-11 | N/A |
| The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/. | ||||
| CVE-2013-4520 | 1 Xmlsoft | 1 Libxslt | 2025-04-11 | N/A |
| xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type. NOTE: this issue is due to an incomplete fix for CVE-2012-2825. | ||||
| CVE-2013-4858 | 1 Microsoft | 2 Windows Movie Maker, Windows Xp | 2025-04-11 | N/A |
| Microsoft Windows Movie Maker 2.1.4026.0 on Windows XP SP3 allows remote attackers to cause a denial of service (application crash) via a crafted .wav file, as demonstrated by movieMaker.wav. | ||||
| CVE-2009-5064 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2025-04-11 | N/A |
| ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states "This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc. | ||||
| CVE-2010-0759 | 2 Greatjoomla, Joomla | 2 Scriptegrator Plugin, Joomla\! | 2025-04-11 | N/A |
| Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter, a different vector than CVE-2010-0760. | ||||
| CVE-2010-3742 | 1 Dustincowell | 1 Free Simple Cms | 2025-04-11 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) meta or (2) phpincdir parameter, a different issue than CVE-2010-3307. | ||||
| CVE-2010-5139 | 1 Bitcoin | 2 Bitcoin Core, Wxbitcoin | 2025-04-11 | N/A |
| Integer overflow in wxBitcoin and bitcoind before 0.3.11 allows remote attackers to bypass intended economic restrictions and create many bitcoins via a crafted Bitcoin transaction. | ||||
| CVE-2011-2663 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment in an e-mail message. | ||||
| CVE-2011-5007 | 1 3ssoftware | 1 Codesys | 2025-04-11 | N/A |
| Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier, as used on the ABB AC500 PLC and possibly other products, allows remote attackers to execute arbitrary code via a long URI to TCP port 8080. | ||||
| CVE-2009-4269 | 1 Apache | 1 Derby | 2025-04-11 | N/A |
| The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it easier for local and possibly remote attackers to crack passwords by generating hash collisions, related to password substitution. | ||||
| CVE-2011-2201 | 2 Mark Stosberg, Perl | 2 Data\, Perl | 2025-04-11 | N/A |
| The Data::FormValidator module 4.66 and earlier for Perl, when untaint_all_constraints is enabled, does not properly preserve the taint attribute of data, which might allow remote attackers to bypass the taint protection mechanism via form input. | ||||
| CVE-2011-2750 | 1 Novell | 1 File Reporter | 2025-04-11 | N/A |
| NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote attackers to delete arbitrary files via a full pathname in an SRS OPERATION 4 CMD 5 request to /FSF/CMD. | ||||
| CVE-2011-3011 | 1 Ca | 1 Arcserve D2d | 2025-04-11 | N/A |
| BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors. | ||||
| CVE-2011-3599 | 2 Adam Kennedy, Perl | 2 Crypt-dsa, Perl | 2025-04-11 | N/A |
| The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a brute-force attack. | ||||
| CVE-2011-3849 | 1 Broadcom | 1 Directory | 2025-04-11 | N/A |
| Unspecified vulnerability in dxserver before 6279 in CA Directory 8.1 and CA Directory r12 before SP7 CR1 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP packet. | ||||
| CVE-2011-4404 | 1 Vmware | 1 Vcenter Update Manager | 2025-04-11 | N/A |
| The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to CVE-2009-1523. | ||||
| CVE-2012-0419 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Directory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to read arbitrary files via directory traversal sequences in a request. | ||||
| CVE-2012-1384 | 2 Google, Netease | 2 Android, Netease Pmail | 2025-04-11 | N/A |
| Unspecified vulnerability in the NetEase Pmail (com.netease.rpmms) application 0.5.0 and 0.5.2 for Android has unknown impact and attack vectors. | ||||