Export limit exceeded: 364930 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364930 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364930 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-2139 1 Multishopcms 1 Multishop Cms 2025-04-11 N/A
SQL injection vulnerability in pages.php in Multishop CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-2151 1 Fujitsu 1 E-pares 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30, and L40 allows remote attackers to hijack the authentication of users for requests that modify "facility reservation data" via unknown vectors.
CVE-2010-3246 1 Google 1 Chrome 2025-04-11 N/A
Google Chrome before 6.0.472.53 does not properly handle the _blank value for the target attribute of unspecified elements, which allows remote attackers to bypass the pop-up blocker via unknown vectors.
CVE-2011-3793 1 Lucidcrew 1 Pixie 2025-04-11 N/A
Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/modules/static.php and certain other files.
CVE-2010-2442 1 Microsoft 1 Internet Explorer 2025-04-11 N/A
Microsoft Internet Explorer, possibly 8, does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets."
CVE-2011-3999 1 Ibc.co.jp 1 Iwate Portal Bar 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the RSS/Atom feed-reader implementation in Iwate Portal Bar allows remote attackers to inject arbitrary web script or HTML via a crafted feed.
CVE-2010-3249 1 Google 1 Chrome 2025-04-11 N/A
Google Chrome before 6.0.472.53 does not properly implement SVG filters, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "stale pointer" issue.
CVE-2011-3874 1 Google 1 Android 2025-04-11 N/A
Stack-based buffer overflow in libsysutils in Android 2.2.x through 2.2.2 and 2.3.x through 2.3.6 allows user-assisted remote attackers to execute arbitrary code via an application that calls the FrameworkListener::dispatchCommand method with the wrong number of arguments, as demonstrated by zergRush to trigger a use-after-free error.
CVE-2010-3251 1 Google 1 Chrome 2025-04-11 N/A
The WebSockets implementation in Google Chrome before 6.0.472.53 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.
CVE-2010-3253 1 Google 1 Chrome 2025-04-11 N/A
The implementation of notification permissions in Google Chrome before 6.0.472.53 allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
CVE-2010-3254 1 Google 1 Chrome 2025-04-11 N/A
The WebSockets implementation in Google Chrome before 6.0.472.53 does not properly handle integer values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2011-4166 1 Hp 1 Managed Printing Administration 2025-04-11 N/A
Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.
CVE-2010-3252 1 Google 1 Chrome 2025-04-11 N/A
Use-after-free vulnerability in the Notifications presenter in Google Chrome before 6.0.472.53 allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2010-3307 1 Dustincowell 1 Free Simple Cms 2025-04-11 N/A
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) body, (2) footer, (3) header, (4) menu_left, or (5) menu_right parameter.
CVE-2010-3462 1 Mollify 1 Mollify 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in backend/plugin/Registration/index.php in Mollify 1.6, 1.6.5.5, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the confirm parameter. NOTE: some of these details are obtained from third party information.
CVE-2014-0407 1 Oracle 1 Vm Virtualbox 2025-04-11 N/A
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0405.
CVE-2014-0408 2 Apple, Oracle 2 Mac Os X, Jre 2025-04-11 N/A
Unspecified vulnerability in Oracle Java SE 7u45, when running on OS X, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
CVE-2014-0410 2 Oracle, Redhat 5 Jdk, Jre, Network Satellite and 2 more 2025-04-11 N/A
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.
CVE-2014-0411 2 Oracle, Redhat 7 Jdk, Jre, Jrockit and 4 more 2025-04-11 N/A
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.
CVE-2014-0412 5 Canonical, Debian, Mariadb and 2 more 12 Ubuntu Linux, Debian Linux, Mariadb and 9 more 2025-04-11 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.