Export limit exceeded: 364910 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364910 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-2019 1 Apple 1 Iphone Os 2025-04-11 4.6 Medium
The iCloud subsystem in Apple iOS before 7.1 allows physically proximate attackers to bypass an intended password requirement, and turn off the Find My iPhone service or complete a Delete Account action and then associate this service with a different Apple ID account, by entering an arbitrary iCloud Account Password value and a blank iCloud Account Description value.
CVE-2014-2020 1 Php 1 Php 2025-04-11 N/A
ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x dimension value, a different vulnerability than CVE-2013-7226.
CVE-2009-4183 1 Hp 1 Openview Storage Data Protector 2025-04-11 N/A
Unspecified vulnerability in HP OpenView Storage Data Protector 6.00 and 6.10 allows local users to obtain unspecified "access" via unknown vectors.
CVE-2010-5046 1 Ecocms 1 Ecocms 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in admin.php in ecoCMS allows remote attackers to inject arbitrary web script or HTML via the p parameter.
CVE-2010-5055 1 Almnzm 1 Almnzm 2025-04-11 N/A
SQL injection vulnerability in index.php in Almnzm 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2011-4332 1 Joomla 1 Joomla\! 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.6.3 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-7184 1 Gomlab 1 Gom Player 2025-04-11 N/A
Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file.
CVE-2011-4248 1 Realnetworks 1 Realplayer 2025-04-11 N/A
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed AAC file.
CVE-2011-4254 1 Realnetworks 1 Realplayer 2025-04-11 N/A
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted RTSP SETUP request.
CVE-2009-3999 1 Hp 1 Power Manager 2025-04-11 N/A
Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.
CVE-2011-4684 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.60 does not properly handle certificate revocation, which has unspecified impact and remote attack vectors related to "corner cases."
CVE-2011-4807 1 Phpalbum 1 Phpalbum 2025-04-11 N/A
Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the var1 parameter.
CVE-2011-4835 1 Homeseer 1 Homeseer Hs2 2025-04-11 N/A
Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to access arbitrary files via unspecified vectors.
CVE-2011-5168 1 Bananadance 1 Banana Dance 2025-04-11 N/A
SQL injection vulnerability in user.php in Banana Dance before B.1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-0695 1 Basic-cms 1 Basic-cms 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in pages/index.php in BASIC-CMS allows remote attackers to inject arbitrary web script or HTML via the nav_id parameter.
CVE-2010-0904 1 Oracle 1 Secure Backup 2025-04-11 N/A
Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect integrity via unknown vectors.
CVE-2010-3250 1 Google 1 Chrome 2025-04-11 N/A
Unspecified vulnerability in Google Chrome before 6.0.472.53 allows remote attackers to enumerate the set of installed extensions via unknown vectors.
CVE-2010-3256 1 Google 1 Chrome 2025-04-11 N/A
Google Chrome before 6.0.472.53 does not properly limit the number of stored autocomplete entries, which has unspecified impact and attack vectors.
CVE-2010-3258 1 Google 1 Chrome 2025-04-11 N/A
The sandbox implementation in Google Chrome before 6.0.472.53 does not properly deserialize parameters, which has unspecified impact and remote attack vectors.
CVE-2010-4721 1 Mhproducts 1 Immo Makler 2025-04-11 N/A
SQL injection vulnerability in news.php in Immo Makler allows remote attackers to execute arbitrary SQL commands via the id parameter.