Search Results (5636 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-2854 4 Apple, Google, Linux and 1 more 5 Mac Os X, Chrome, Frame and 2 more 2025-04-11 N/A
Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to obtain potentially sensitive information about pointer values by leveraging access to a WebUI renderer process.
CVE-2012-2853 4 Apple, Google, Linux and 1 more 5 Mac Os X, Chrome, Frame and 2 more 2025-04-11 N/A
The webRequest API in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not properly interact with the Chrome Web Store, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site.
CVE-2012-2852 4 Apple, Google, Linux and 1 more 5 Mac Os X, Chrome, Frame and 2 more 2025-04-11 N/A
The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not properly handle object linkage, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted document.
CVE-2012-2849 4 Apple, Google, Linux and 1 more 5 Mac Os X, Chrome, Frame and 2 more 2025-04-11 N/A
Off-by-one error in the GIF decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.
CVE-2012-2848 4 Apple, Google, Linux and 1 more 5 Mac Os X, Chrome, Frame and 2 more 2025-04-11 N/A
The drag-and-drop implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows user-assisted remote attackers to bypass intended file access restrictions via a crafted web site.
CVE-2012-2847 4 Apple, Google, Linux and 1 more 5 Mac Os X, Chrome, Frame and 2 more 2025-04-11 N/A
Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not request user confirmation before continuing a large series of downloads, which allows user-assisted remote attackers to cause a denial of service (resource consumption) via a crafted web site.
CVE-2012-2827 2 Apple, Google 2 Mac Os X, Chrome 2025-04-11 N/A
Use-after-free vulnerability in the UI in Google Chrome before 20.0.1132.43 on Mac OS X allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2010-2519 5 Apple, Canonical, Debian and 2 more 5 Mac Os X, Ubuntu Linux, Debian Linux and 2 more 2025-04-11 N/A
Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.
CVE-2010-2500 5 Apple, Canonical, Debian and 2 more 5 Mac Os X, Ubuntu Linux, Debian Linux and 2 more 2025-04-11 N/A
Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
CVE-2010-2499 5 Apple, Canonical, Debian and 2 more 5 Mac Os X, Ubuntu Linux, Debian Linux and 2 more 2025-04-11 N/A
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment.
CVE-2010-2498 5 Apple, Canonical, Debian and 2 more 5 Mac Os X, Ubuntu Linux, Debian Linux and 2 more 2025-04-11 N/A
The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation.
CVE-2010-2497 3 Apple, Debian, Freetype 3 Mac Os X, Debian Linux, Freetype 2025-04-11 N/A
Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
CVE-2011-0621 7 Adobe, Apple, Google and 4 more 7 Flash Player, Mac Os X, Android and 4 more 2025-04-11 N/A
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0620, and CVE-2011-0622.
CVE-2014-0491 5 Adobe, Apple, Linux and 2 more 7 Adobe Air, Adobe Air Sdk, Flash Player and 4 more 2025-04-11 N/A
Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to bypass unspecified protection mechanisms via unknown vectors.
CVE-2010-4296 3 Apple, Linux, Vmware 6 Mac Os X, Linux Kernel, Fusion and 3 more 2025-04-11 N/A
vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files.
CVE-2013-7127 1 Apple 2 Mac Os X, Safari 2025-04-11 N/A
Apple Safari 6.0.5 on Mac OS X 10.7.5 and 10.8.5 stores cleartext credentials in LastSession.plist, which allows local users to obtain sensitive information by reading this file.
CVE-2012-2051 3 Adobe, Apple, Microsoft 4 Acrobat, Acrobat Reader, Mac Os X and 1 more 2025-04-11 N/A
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160.
CVE-2012-2493 4 Apple, Cisco, Linux and 1 more 4 Mac Os X, Anyconnect Secure Mobility Client, Linux Kernel and 1 more 2025-04-11 N/A
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug ID CSCtw47523.
CVE-2013-3356 3 Adobe, Apple, Microsoft 4 Acrobat, Acrobat Reader, Mac Os X and 1 more 2025-04-11 N/A
Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3353.
CVE-2011-1755 4 Apple, Fedoraproject, Jabberd2 and 1 more 6 Mac Os X, Mac Os X Server, Fedora and 3 more 2025-04-11 7.5 High
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.