Export limit exceeded: 348530 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 23834 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23834 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-1234 | 1 Microsoft | 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||||
| CVE-2011-0660 | 1 Microsoft | 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote SMB servers to execute arbitrary code via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Response Parsing Vulnerability." | ||||
| CVE-2011-1235 | 1 Microsoft | 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||||
| CVE-2010-0487 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 7 and 4 more | 2025-04-11 | N/A |
| The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows remote attackers to execute arbitrary code via a modified cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "Cabview Corruption Validation Vulnerability." | ||||
| CVE-2011-1237 | 1 Microsoft | 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||||
| CVE-2011-1238 | 1 Microsoft | 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||||
| CVE-2010-0483 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows 2003 Server and 2 more | 2025-04-11 | N/A |
| vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a crafted .hlp file in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution involving winhlp32.exe when the F1 key is pressed, aka "VBScript Help Keypress Vulnerability." | ||||
| CVE-2011-1239 | 1 Microsoft | 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||||
| CVE-2011-1240 | 1 Microsoft | 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other "Vulnerability Type 1" CVEs listed in MS11-034, aka "Win32k Use After Free Vulnerability." | ||||
| CVE-2010-0117 | 2 Microsoft, Realnetworks | 3 Windows, Realplayer, Realplayer Sp | 2025-04-11 | N/A |
| RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows do not properly handle dimensions during YUV420 transformations, which might allow remote attackers to execute arbitrary code via crafted MP4 content. | ||||
| CVE-2010-0120 | 2 Microsoft, Realnetworks | 3 Windows, Realplayer, Realplayer Sp | 2025-04-11 | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allows remote attackers to execute arbitrary code via large size values in QCP audio content. | ||||
| CVE-2010-0202 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0203. | ||||
| CVE-2010-3945 | 1 Microsoft | 2 Office, Office Converter Pack | 2025-04-11 | N/A |
| Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted CGM image in an Office document, aka "CGM Image Converter Buffer Overrun Vulnerability." | ||||
| CVE-2010-1969 | 2 Hp, Microsoft | 2 Virtual Connect Enterprise Manager, Windows | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Virtual Connect Enterprise Manager for Windows before 6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2012-1848 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-11 | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Scrollbar Calculation Vulnerability." | ||||
| CVE-2010-0196 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0192 and CVE-2010-0193. | ||||
| CVE-2013-3204 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | N/A |
| Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | ||||
| CVE-2013-1333 | 1 Microsoft | 1 Windows 7 | 2025-04-11 | N/A |
| Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka "Win32k Buffer Overflow Vulnerability." | ||||
| CVE-2010-1987 | 2 Microsoft, Mozilla | 2 Windows Xp, Firefox | 2025-04-11 | N/A |
| Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory consumption, out-of-bounds read, and application crash) via JavaScript code that appends long strings to the content of a P element, and performs certain other string concatenation and substring operations, related to the DoubleWideCharMappedString class in USP10.dll and the gfxWindowsFontGroup::GetUnderlineOffset function in xul.dll, a different vulnerability than CVE-2009-1571. | ||||
| CVE-2013-1316 | 1 Microsoft | 1 Publisher | 2025-04-11 | N/A |
| Microsoft Publisher 2003 SP3 does not properly validate the size of an unspecified array, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Negative Value Allocation Vulnerability." | ||||