Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-3730 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| Mail in Apple iOS before 6 does not properly handle reuse of Content-ID header values, which allows remote attackers to spoof attachments via a header value that was also used in a previous e-mail message, as demonstrated by a message from a different sender. | ||||
| CVE-2012-3731 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| Mail in Apple iOS before 6 does not properly implement the Data Protection feature for e-mail attachments, which allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors. | ||||
| CVE-2012-3744 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| Telephony in Apple iOS before 6 uses an SMS message's return address as the displayed sender address, which allows remote attackers to spoof text communication via a message in which the return address does not match the originating address. | ||||
| CVE-2010-5221 | 1 Stdutility | 1 Stdu Explorer | 2025-04-11 | N/A |
| Untrusted search path vulnerability in STDU Explorer 1.0.201 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2012-5514 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors. | ||||
| CVE-2010-5243 | 1 Cyberlink | 1 Power2go | 2025-04-11 | N/A |
| Multiple untrusted search path vulnerabilities in Cyberlink Power2Go 7.0.0.0816 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) MFC71LOC.DLL file in the current working directory, as demonstrated by a directory that contains a .p2g, .iso, .pdl, .pds, or .p2i file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-2579 | 3 Apple, Linux, Realnetworks | 4 Mac Os X, Linux Kernel, Realplayer and 1 more | 2025-04-11 | N/A |
| The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 does not properly initialize the number of channels, which allows attackers to obtain unspecified "memory access" via unknown vectors. | ||||
| CVE-2012-5381 | 1 Php | 1 Php | 2025-04-11 | N/A |
| Untrusted search path vulnerability in the installation functionality in PHP 5.3.17, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\PHP directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the PHP installation | ||||
| CVE-2011-4951 | 1 Egroupware | 2 Egroupware, Egroupware Enterprise Line | 2025-04-11 | N/A |
| Open redirect vulnerability in phpgwapi/ntlm/index.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter. | ||||
| CVE-2013-0138 | 1 Bitberry Software | 1 Bitzipper | 2025-04-11 | N/A |
| BitZipper 2013 before Update 1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ZIP archive. | ||||
| CVE-2013-0794 | 1 Mozilla | 2 Firefox, Seamonkey | 2025-04-11 | N/A |
| Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent origin spoofing of tab-modal dialogs, which allows remote attackers to conduct phishing attacks via a crafted web site. | ||||
| CVE-2013-0797 | 1 Mozilla | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2025-04-11 | N/A |
| Untrusted search path vulnerability in the Mozilla Updater in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allows local users to gain privileges via a Trojan horse DLL file in an unspecified directory. | ||||
| CVE-2010-5239 | 1 Daemon-tools | 1 Daemon Tools | 2025-04-11 | N/A |
| Untrusted search path vulnerability in DAEMON Tools Lite 4.35.6.0091 and Pro Standard 4.36.0309.0160 allows local users to gain privileges via a Trojan horse mfc80loc.dll file in the current working directory, as demonstrated by a directory that contains a .mds file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2013-2601 | 1 Citrix | 1 Xenclient Xt | 2025-04-11 | N/A |
| The NDVM in Citrix XenClient XT before 2.1.3 and 3.x before 3.1.4 allows remote attackers to execute arbitrary commands by using the UIVM to create a network connection. | ||||
| CVE-2013-2632 | 1 Google | 2 Chrome, V8 | 2025-04-11 | N/A |
| Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by the Bejeweled game. | ||||
| CVE-2010-5195 | 1 Roxio | 1 Mydvd | 2025-04-11 | N/A |
| Untrusted search path vulnerability in Roxio MyDVD 9 allows local users to gain privileges via a Trojan horse HomeUtils9.dll file in the current working directory, as demonstrated by a directory that contains a .dmsd or .dmsm file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-5147 | 1 Websense | 2 Websense Web Filter, Websense Web Security | 2025-04-11 | N/A |
| The Remote Filtering component in Websense Web Security and Web Filter before 6.3.3 Hotfix 18 and 7.x before 7.1.1 allows remote attackers to cause a denial of service (daemon exit) via a large volume of traffic. | ||||
| CVE-2010-3138 | 2 Bsplayer, Microsoft | 3 Bs.player, Windows Media Player, Windows Xp | 2025-04-11 | N/A |
| Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that contains a .avi, .mka, .ra, or .ram file, aka "Indeo Codec Insecure Library Loading Vulnerability." NOTE: some of these details are obtained from third party information. | ||||
| CVE-2013-6631 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome before 31.0.1650.48 and other products, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger the absence of certain statistics initialization, leading to the skipping of a required DeRegisterExternalTransport call. | ||||
| CVE-2011-0502 | 1 Musanim | 1 Music Animation Machine Midi Player | 2025-04-11 | N/A |
| Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly other versions allows user-assisted remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a long line in a MIDI (.mid) file. | ||||