Export limit exceeded: 360766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 26050 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (26050 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-2877 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
CVE-2011-2502 2 Redhat, Systemtap 2 Enterprise Linux, Systemtap 2025-04-11 N/A
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.
CVE-2014-0261 1 Microsoft 1 Dynamics Ax 2025-04-11 N/A
Microsoft Dynamics AX 4.0 SP2, 2009 SP1, 2012, and 2012 R2 allows remote authenticated users to cause a denial of service (instance outage) via crafted data to an Application Object Server (AOS) instance, aka "Query Filter DoS Vulnerability."
CVE-2011-2488 1 Joomla 1 Joomla\! 2025-04-11 N/A
Joomla! before 1.5.23 does not properly check for errors, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2011-2490 1 Nrl 1 Opie 2025-04-11 N/A
opielogin.c in opielogin in OPIE 2.4.1-test1 and earlier does not check the return value of the setuid system call, which allows local users to gain privileges by arranging for an account to already be running its maximum number of processes.
CVE-2011-2405 1 Hp 2 Proliant Sl Advanced Power Manager, Proliant Sl Advanced Power Manager Firmware 2025-04-11 N/A
The HP ProLiant SL Advanced Power Manager (SL-APM) with firmware before 1.20 does not properly validate users, which allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2011-0195 1 Apple 1 Iphone Os 2025-04-11 N/A
The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202.
CVE-2011-0051 2 Mozilla, Redhat 4 Firefox, Seamonkey, Enterprise Linux and 1 more 2025-04-11 N/A
Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges.
CVE-2011-2391 1 Apple 3 Iphone Os, Itunes, Mac Os X 2025-04-11 N/A
The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets.
CVE-2013-7299 1 Tntnet 1 Tntnet 2025-04-11 N/A
framework/common/messageheaderparser.cpp in Tntnet before 2.2.1 allows remote attackers to obtain sensitive information via a header that ends in \n instead of \r\n, which prevents a null terminator from being added and causes Tntnet to include headers from other requests.
CVE-2013-1236 1 Cisco 2 Telepresence Supervisor Mse 8050, Telepresence Supervisor Mse 8050 Software 2025-04-11 N/A
Cisco TelePresence Supervisor MSE 8050 before 2.3(1.31) allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing TCP connections at a high rate, aka Bug IDs CSCuf76076 and CSCuf79763.
CVE-2012-1103 2 Gnu, Notmuchmail 2 Emacs, Notmuch 2025-04-11 N/A
emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message.
CVE-2013-7270 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-11 N/A
The packet_recvmsg function in net/packet/af_packet.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.
CVE-2013-7264 1 Linux 1 Linux Kernel 2025-04-11 N/A
The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.
CVE-2012-0339 1 Cisco 1 Ios 2025-04-11 N/A
Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of access-class commands, which allows remote attackers to establish TELNET connections from arbitrary source IP addresses via a standard TELNET client, aka Bug ID CSCsi77774.
CVE-2011-3496 1 Measuresoft 1 Scadapro 2025-04-11 N/A
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command.
CVE-2012-0338 1 Cisco 1 Ios 2025-04-11 N/A
Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of access-class commands, which allows remote attackers to establish SSH connections from arbitrary source IP addresses via a standard SSH client, aka Bug ID CSCsv86113.
CVE-2013-4024 1 Ibm 4 Data Studio Web Console, Db2 Recovery Expert, Infosphere Optim Configuration Manager and 1 more 2025-04-11 N/A
IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x support HTTP access to the Web Console, which allows remote attackers to read session cookies by sniffing the network.
CVE-2013-6447 1 Redhat 2 Jboss Enterprise Web Framework, Jboss Seam 2 Framework 2025-04-11 N/A
Multiple XML External Entity (XXE) vulnerabilities in the (1) ExecutionHandler, (2) PollHandler, and (3) SubscriptionHandler classes in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allow remote attackers to read arbitrary files and possibly have other impacts via a crafted XML file.
CVE-2011-3502 1 Cogentdatahub 1 Cogent Datahub 2025-04-11 N/A
The web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to obtain the source code of executable files via a request with a trailing (1) space or (2) %2e (encoded dot).