Export limit exceeded: 364910 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364910 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-2019 | 1 Apple | 1 Iphone Os | 2025-04-11 | 4.6 Medium |
| The iCloud subsystem in Apple iOS before 7.1 allows physically proximate attackers to bypass an intended password requirement, and turn off the Find My iPhone service or complete a Delete Account action and then associate this service with a different Apple ID account, by entering an arbitrary iCloud Account Password value and a blank iCloud Account Description value. | ||||
| CVE-2014-2020 | 1 Php | 1 Php | 2025-04-11 | N/A |
| ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x dimension value, a different vulnerability than CVE-2013-7226. | ||||
| CVE-2009-4183 | 1 Hp | 1 Openview Storage Data Protector | 2025-04-11 | N/A |
| Unspecified vulnerability in HP OpenView Storage Data Protector 6.00 and 6.10 allows local users to obtain unspecified "access" via unknown vectors. | ||||
| CVE-2010-5046 | 1 Ecocms | 1 Ecocms | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in admin.php in ecoCMS allows remote attackers to inject arbitrary web script or HTML via the p parameter. | ||||
| CVE-2010-5055 | 1 Almnzm | 1 Almnzm | 2025-04-11 | N/A |
| SQL injection vulnerability in index.php in Almnzm 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2011-4332 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.6.3 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-7184 | 1 Gomlab | 1 Gom Player | 2025-04-11 | N/A |
| Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file. | ||||
| CVE-2011-4248 | 1 Realnetworks | 1 Realplayer | 2025-04-11 | N/A |
| RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed AAC file. | ||||
| CVE-2011-4254 | 1 Realnetworks | 1 Realplayer | 2025-04-11 | N/A |
| RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted RTSP SETUP request. | ||||
| CVE-2009-3999 | 1 Hp | 1 Power Manager | 2025-04-11 | N/A |
| Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter. | ||||
| CVE-2011-4684 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.60 does not properly handle certificate revocation, which has unspecified impact and remote attack vectors related to "corner cases." | ||||
| CVE-2011-4807 | 1 Phpalbum | 1 Phpalbum | 2025-04-11 | N/A |
| Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the var1 parameter. | ||||
| CVE-2011-4835 | 1 Homeseer | 1 Homeseer Hs2 | 2025-04-11 | N/A |
| Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to access arbitrary files via unspecified vectors. | ||||
| CVE-2011-5168 | 1 Bananadance | 1 Banana Dance | 2025-04-11 | N/A |
| SQL injection vulnerability in user.php in Banana Dance before B.1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2010-0695 | 1 Basic-cms | 1 Basic-cms | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in pages/index.php in BASIC-CMS allows remote attackers to inject arbitrary web script or HTML via the nav_id parameter. | ||||
| CVE-2010-0904 | 1 Oracle | 1 Secure Backup | 2025-04-11 | N/A |
| Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect integrity via unknown vectors. | ||||
| CVE-2010-3250 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Unspecified vulnerability in Google Chrome before 6.0.472.53 allows remote attackers to enumerate the set of installed extensions via unknown vectors. | ||||
| CVE-2010-3256 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 6.0.472.53 does not properly limit the number of stored autocomplete entries, which has unspecified impact and attack vectors. | ||||
| CVE-2010-3258 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The sandbox implementation in Google Chrome before 6.0.472.53 does not properly deserialize parameters, which has unspecified impact and remote attack vectors. | ||||
| CVE-2010-4721 | 1 Mhproducts | 1 Immo Makler | 2025-04-11 | N/A |
| SQL injection vulnerability in news.php in Immo Makler allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||