Export limit exceeded: 348471 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23834 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0026 | 1 Microsoft | 4 Internet Explorer, Windows 7, Windows Server 2008 and 1 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer InsertElement Use After Free Vulnerability." | ||||
| CVE-2011-2339 | 2 Apple, Microsoft | 5 Itunes, Webkit, Windows 7 and 2 more | 2025-04-11 | N/A |
| WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | ||||
| CVE-2011-2338 | 2 Apple, Microsoft | 5 Itunes, Webkit, Windows 7 and 2 more | 2025-04-11 | N/A |
| WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | ||||
| CVE-2010-4423 | 2 Microsoft, Oracle | 2 Windows, Database Server | 2025-04-11 | N/A |
| Unspecified vulnerability in the Cluster Verify Utility component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors. | ||||
| CVE-2012-0584 | 2 Apple, Microsoft | 2 Safari, Windows | 2025-04-11 | N/A |
| The Internationalized Domain Name (IDN) feature in Apple Safari before 5.1.4 on Windows does not properly restrict the characters in URLs, which allows remote attackers to spoof a domain name via unspecified homoglyphs. | ||||
| CVE-2013-3326 | 8 Adobe, Apple, Google and 5 more | 15 Adobe Air, Adobe Air Sdk, Flash Player and 12 more | 2025-04-11 | N/A |
| Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. | ||||
| CVE-2010-3961 | 1 Microsoft | 3 Windows 7, Windows Server 2008, Windows Vista | 2025-04-11 | N/A |
| The Consent User Interface (UI) in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle an unspecified registry-key value, which allows local users with SeImpersonatePrivilege rights to gain privileges via a crafted application, aka "Consent UI Impersonation Vulnerability." | ||||
| CVE-2010-3816 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. | ||||
| CVE-2012-4206 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2025-04-11 | N/A |
| Untrusted search path vulnerability in the installer in Mozilla Firefox before 17.0 and Firefox ESR 10.x before 10.0.11 on Windows allows local users to gain privileges via a Trojan horse DLL in the default downloads directory. | ||||
| CVE-2011-0093 | 1 Microsoft | 1 Visio | 2025-04-11 | N/A |
| ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does not properly parse structures during the opening of a Visio file, which allows remote attackers to execute arbitrary code via a file containing a malformed structure, aka "Visio Data Type Memory Corruption Vulnerability." | ||||
| CVE-2010-1549 | 2 Hp, Microsoft | 3 Loadrunner, Performance Center, Windows | 2025-04-11 | N/A |
| Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2010-3231 | 1 Microsoft | 3 Excel, Office, Open Xml File Format Converter | 2025-04-11 | N/A |
| Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel Record Parsing Memory Corruption Vulnerability." | ||||
| CVE-2010-3229 | 1 Microsoft | 3 Windows 7, Windows Server 2008, Windows Vista | 2025-04-11 | N/A |
| The Secure Channel (aka SChannel) security package in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when IIS 7.x is used, does not properly process client certificates during SSL and TLS handshakes, which allows remote attackers to cause a denial of service (LSASS outage and reboot) via a crafted packet, aka "TLSv1 Denial of Service Vulnerability." | ||||
| CVE-2010-3200 | 1 Microsoft | 1 Word | 2025-04-11 | N/A |
| MSO.dll in Microsoft Word 2003 SP3 11.8326.11.8324 allows remote attackers to cause a denial of service (NULL pointer dereference and multiple-instance application crash) via a crafted buffer in a Word document, as demonstrated by word_crash_11.8326.8324_poc.doc. | ||||
| CVE-2010-2750 | 1 Microsoft | 2 Office, Word | 2025-04-11 | N/A |
| Array index error in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Vulnerability." | ||||
| CVE-2012-4165 | 6 Adobe, Apple, Google and 3 more | 8 Air, Air Sdk, Flash Player and 5 more | 2025-04-11 | N/A |
| Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4163 and CVE-2012-4164. | ||||
| CVE-2012-4158 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4159, and CVE-2012-4160. | ||||
| CVE-2012-0008 | 1 Microsoft | 1 Visual Studio | 2025-04-11 | N/A |
| Untrusted search path vulnerability in Microsoft Visual Studio 2008 SP1, 2010, and 2010 SP1 allows local users to gain privileges via a Trojan horse add-in in an unspecified directory, aka "Visual Studio Add-In Vulnerability." | ||||
| CVE-2012-4154 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, CVE-2012-4159, and CVE-2012-4160. | ||||
| CVE-2011-2014 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-11 | N/A |
| The LDAP over SSL (aka LDAPS) implementation in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not examine Certificate Revocation Lists (CRLs), which allows remote authenticated users to bypass intended certificate restrictions and access Active Directory resources by leveraging a revoked X.509 certificate for a domain account, aka "LDAPS Authentication Bypass Vulnerability." | ||||