Max CVSS | 10.0 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2012-0003 | 9.3 |
Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MI
|
17-10-2024 - 20:35 | 10-01-2012 - 21:55 | |
CVE-2011-1957 | 4.3 |
The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length.
|
13-02-2023 - 01:19 | 06-06-2011 - 19:55 | |
CVE-2011-3547 | 5.0 |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java a
|
13-05-2022 - 14:52 | 19-10-2011 - 21:55 | |
CVE-2012-0011 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."
|
01-03-2022 - 16:28 | 14-02-2012 - 22:55 | |
CVE-2011-1305 | 6.8 |
Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database.
|
08-09-2021 - 17:19 | 03-05-2011 - 22:55 | |
CVE-2002-1186 | 5.0 |
Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site tha
|
23-07-2021 - 12:55 | 11-12-2002 - 05:00 | |
CVE-2005-2830 | 5.0 |
Microsoft Internet Explorer 5.01, 5.5, and 6, when using an HTTPS proxy server that requires Basic Authentication, sends URLs in cleartext, which allows remote attackers to obtain sensitive information, aka "HTTPS Proxy Vulnerability."
|
23-07-2021 - 12:55 | 14-12-2005 - 11:03 | |
CVE-2011-3416 | 8.5 |
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms A
|
28-09-2020 - 12:58 | 30-12-2011 - 01:55 | |
CVE-2012-0011 | 9.3 |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability."
|
28-09-2020 - 12:58 | 14-02-2012 - 22:55 | |
CVE-2012-0003 | 9.3 |
Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MI
|
28-09-2020 - 12:58 | 10-01-2012 - 21:55 | |
CVE-2011-3416 | 8.5 |
The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms A
|
28-09-2020 - 12:58 | 30-12-2011 - 01:55 | |
CVE-2010-3416 | 7.5 |
Google Chrome before 6.0.472.59 on Linux does not properly implement the Khmer locale, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
|
04-08-2020 - 19:11 | 16-09-2010 - 21:00 | |
CVE-2010-4578 | 7.5 |
Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale po
|
28-07-2020 - 19:16 | 22-12-2010 - 01:00 | |
CVE-2011-0477 | 10.0 |
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch in video frame sizes, which allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact v
|
27-07-2020 - 16:01 | 14-01-2011 - 17:00 | |
CVE-2011-0480 | 9.3 |
Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or
|
24-07-2020 - 21:16 | 14-01-2011 - 17:00 | |
CVE-2011-0485 | 10.0 |
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "stale pointer."
|
24-07-2020 - 21:16 | 14-01-2011 - 17:00 | |
CVE-2011-0470 | 5.0 |
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle extensions notification, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
|
24-07-2020 - 21:04 | 14-01-2011 - 17:00 | |
CVE-2011-0981 | 7.5 |
Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
|
04-06-2020 - 19:33 | 10-02-2011 - 19:00 | |
CVE-2011-1125 | 7.5 |
Google Chrome before 9.0.597.107 does not properly perform layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
|
04-06-2020 - 19:21 | 01-03-2011 - 23:00 | |
CVE-2011-1118 | 6.8 |
Google Chrome before 9.0.597.107 does not properly handle TEXTAREA elements, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document.
|
04-06-2020 - 18:53 | 01-03-2011 - 23:00 | |
CVE-2011-1185 | 7.5 |
Google Chrome before 10.0.648.127 does not prevent (1) navigation and (2) close operations on the top location of a sandboxed frame, which has unspecified impact and remote attack vectors.
|
03-06-2020 - 20:31 | 11-03-2011 - 02:01 | |
CVE-2011-1107 | 4.3 |
Unspecified vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to spoof the URL bar via unknown vectors.
|
03-06-2020 - 19:57 | 01-03-2011 - 23:00 | |
CVE-2011-1203 | 7.5 |
Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
|
03-06-2020 - 18:47 | 11-03-2011 - 02:01 | |
CVE-2011-1189 | 7.5 |
Google Chrome before 10.0.648.127 does not properly perform box layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."
|
03-06-2020 - 18:35 | 11-03-2011 - 02:01 | |
CVE-2011-1187 | 5.0 |
Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
|
03-06-2020 - 18:20 | 11-03-2011 - 02:01 | |
CVE-2011-1691 | 5.0 |
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access t
|
03-06-2020 - 15:29 | 15-04-2011 - 00:55 | |
CVE-2011-1190 | 5.0 |
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
|
02-06-2020 - 20:22 | 11-03-2011 - 02:01 | |
CVE-2011-1108 | 6.8 |
Google Chrome before 9.0.597.107 does not properly implement JavaScript dialogs, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document.
|
02-06-2020 - 18:33 | 01-03-2011 - 23:00 | |
CVE-2011-1294 | 7.5 |
Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale po
|
29-05-2020 - 21:04 | 25-03-2011 - 19:55 | |
CVE-2011-1293 | 7.5 |
Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
29-05-2020 - 21:03 | 25-03-2011 - 19:55 | |
CVE-2011-1439 | 6.8 |
Google Chrome before 11.0.696.57 on Linux does not properly isolate renderer processes, which has unspecified impact and remote attack vectors.
|
29-05-2020 - 20:21 | 03-05-2011 - 22:55 | |
CVE-2011-1444 | 6.8 |
Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
29-05-2020 - 20:14 | 03-05-2011 - 22:55 | |
CVE-2011-1456 | 6.8 |
Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."
|
22-05-2020 - 18:30 | 03-05-2011 - 22:55 | |
CVE-2011-1806 | 10.0 |
Google Chrome before 11.0.696.71 does not properly implement the GPU command buffer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
|
22-05-2020 - 18:13 | 26-05-2011 - 16:55 | |
CVE-2011-1304 | 5.0 |
Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the pop-up blocker via vectors related to plug-ins.
|
22-05-2020 - 17:27 | 03-05-2011 - 22:55 | |
CVE-2011-2348 | 6.8 |
Google V8, as used in Google Chrome before 12.0.742.112, performs an incorrect bounds check, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
21-05-2020 - 20:15 | 29-06-2011 - 17:55 | |
CVE-2011-2803 | 6.8 |
Google Chrome before 13.0.782.107 does not properly handle Skia paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
21-05-2020 - 01:12 | 03-08-2011 - 00:55 | |
CVE-2011-2801 | 6.8 |
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the frame loader.
|
21-05-2020 - 01:11 | 03-08-2011 - 00:55 | |
CVE-2011-2360 | 4.3 |
Google Chrome before 13.0.782.107 does not ensure that the user is prompted before download of a dangerous file, which makes it easier for remote attackers to bypass intended content restrictions via a crafted web site.
|
21-05-2020 - 01:04 | 03-08-2011 - 00:55 | |
CVE-2011-2786 | 4.3 |
Google Chrome before 13.0.782.107 does not ensure that the speech-input bubble is shown on the product's screen, which might make it easier for remote attackers to make audio recordings via a crafted web page containing an INPUT element.
|
20-05-2020 - 15:31 | 03-08-2011 - 00:55 | |
CVE-2011-2788 | 6.8 |
Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors.
|
19-05-2020 - 15:25 | 03-08-2011 - 00:55 | |
CVE-2011-2839 | 7.5 |
The PDF implementation in Google Chrome before 13.0.782.215 on Linux does not properly use the memset library function, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
19-05-2020 - 14:36 | 29-08-2011 - 15:55 | |
CVE-2011-2826 | 7.5 |
Google Chrome before 13.0.782.215 allows remote attackers to bypass the Same Origin Policy via vectors related to empty origins.
|
19-05-2020 - 13:30 | 29-08-2011 - 15:55 | |
CVE-2011-2830 | 7.5 |
Google V8, as used in Google Chrome before 14.0.835.163, does not properly implement script object wrappers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.
|
11-05-2020 - 16:57 | 28-10-2011 - 02:49 | |
CVE-2011-2880 | 6.8 |
Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings.
|
11-05-2020 - 16:29 | 04-10-2011 - 20:55 | |
CVE-2011-2853 | 7.5 |
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.
|
08-05-2020 - 19:11 | 19-09-2011 - 12:02 | |
CVE-2011-3916 | 5.0 |
Google Chrome before 16.0.912.63 does not properly handle PDF cross references, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
08-05-2020 - 14:31 | 13-12-2011 - 21:55 | |
CVE-2011-3953 | 7.5 |
Google Chrome before 17.0.963.46 does not prevent monitoring of the clipboard after a paste event, which has unspecified impact and remote attack vectors.
|
08-05-2020 - 14:13 | 09-02-2012 - 04:10 | |
CVE-2011-3037 | 6.8 |
Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted documen
|
16-04-2020 - 16:13 | 05-03-2012 - 19:55 | |
CVE-2011-3057 | 4.3 |
Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation.
|
14-04-2020 - 15:40 | 22-03-2012 - 16:55 | |
CVE-2010-1029 | 5.0 |
Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (ap
|
26-09-2019 - 17:05 | 19-03-2010 - 21:30 | |
CVE-2012-0009 | 9.3 |
Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse executable file in the current working directory, as dem
|
26-02-2019 - 14:04 | 10-01-2012 - 21:55 | |
CVE-2011-3002 | 9.3 |
Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service (application
|
29-11-2018 - 16:02 | 29-09-2011 - 00:55 | |
CVE-2011-2445 | 10.0 |
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (me
|
29-11-2018 - 15:36 | 11-11-2011 - 16:55 | |
CVE-2010-4476 | 5.0 |
The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows rem
|
30-10-2018 - 16:26 | 17-02-2011 - 19:00 | |
CVE-2010-3541 | 5.1 |
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE
|
30-10-2018 - 16:26 | 19-10-2010 - 22:00 | |
CVE-2010-3549 | 6.8 |
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE
|
30-10-2018 - 16:26 | 19-10-2010 - 22:00 | |
CVE-2010-0848 | 7.5 |
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Per: htt
|
30-10-2018 - 16:26 | 01-04-2010 - 16:30 | |
CVE-2010-0088 | 6.8 |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown
|
30-10-2018 - 16:26 | 01-04-2010 - 16:30 | |
CVE-2011-0815 | 10.0 |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to
|
30-10-2018 - 16:26 | 14-06-2011 - 18:55 | |
CVE-2005-4560 | 7.5 |
The Windows Graphical Device Interface library (GDI32.DLL) in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows P
|
19-10-2018 - 15:41 | 28-12-2005 - 19:03 | |
CVE-2012-0144 | 4.3 |
Cross-site scripting (XSS) vulnerability in themeweb.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1 and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via JavaScript sequences in a
|
12-10-2018 - 22:02 | 14-02-2012 - 22:55 | |
CVE-2012-0019 | 9.3 |
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability
|
12-10-2018 - 22:02 | 14-02-2012 - 22:55 | |
CVE-2011-3411 | 9.3 |
Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Invalid Pointer Vulnerability."
|
12-10-2018 - 22:01 | 14-12-2011 - 00:55 | |
CVE-2012-0007 | 4.3 |
The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 does not properly evaluate characters after the detection of a Cascading Style Sheets (CSS) escaped character, which allows remote attackers to conduct cross-site scripting (XSS) a
|
12-10-2018 - 22:01 | 10-01-2012 - 21:55 | |
CVE-2008-1438 | 5.0 |
Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (disk space exhaustion) via a file with
|
12-10-2018 - 21:45 | 13-05-2008 - 22:20 | |
CVE-2005-2128 | 5.0 |
QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value.
|
12-10-2018 - 21:37 | 12-10-2005 - 13:04 | |
CVE-2008-5036 | 9.3 |
Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c
|
11-10-2018 - 20:53 | 10-11-2008 - 22:18 | |
CVE-2008-2430 | 9.3 |
Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file.
|
11-10-2018 - 20:41 | 07-07-2008 - 23:41 | |
CVE-2010-0094 | 7.5 |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the p
|
10-10-2018 - 19:50 | 01-04-2010 - 16:30 | |
CVE-2011-3556 | 7.5 |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confident
|
06-01-2018 - 02:29 | 19-10-2011 - 21:55 | |
CVE-2011-4313 | 5.0 |
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named e
|
06-01-2018 - 02:29 | 29-11-2011 - 17:55 | |
CVE-2011-3560 | 6.4 |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java a
|
06-01-2018 - 02:29 | 19-10-2011 - 21:55 | |
CVE-2011-3551 | 9.3 |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown v
|
06-01-2018 - 02:29 | 19-10-2011 - 21:55 | |
CVE-2011-3553 | 3.5 |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote authenticated users to affect confidentiality, related to JAXWS.
|
06-01-2018 - 02:29 | 19-10-2011 - 21:55 | |
CVE-2011-3557 | 6.8 |
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confident
|
06-01-2018 - 02:29 | 19-10-2011 - 21:55 | |
CVE-2010-4467 | 10.0 |
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 10 through 6 Update 23 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrit
|
22-12-2017 - 02:29 | 17-02-2011 - 19:00 | |
CVE-2011-0786 | 7.6 |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, in
|
22-12-2017 - 02:29 | 14-06-2011 - 18:55 | |
CVE-2011-0869 | 5.0 |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related t
|
22-12-2017 - 02:29 | 14-06-2011 - 18:55 | |
CVE-2011-0817 | 10.0 |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, in
|
22-12-2017 - 02:29 | 14-06-2011 - 18:55 | |
CVE-2007-0017 | 6.8 |
Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access/cdda/access.c in the CDDA (libcdda_plugin) plugin, and the (2) cdio_log_handler and (3) vcd_log_handler functions in modules/access/vcdx/access.c in the VCD
|
11-10-2017 - 01:31 | 03-01-2007 - 02:28 | |
CVE-2005-3296 | 10.0 |
The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in.
|
11-10-2017 - 01:30 | 23-10-2005 - 21:02 | |
CVE-2004-0368 | 10.0 |
Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet.
|
11-10-2017 - 01:29 | 04-05-2004 - 04:00 | |
CVE-2009-1045 | 5.0 |
requests/status.xml in VLC 0.9.8a allows remote attackers to cause a denial of service (stack consumption and crash) via a long input argument in an in_play action.
|
29-09-2017 - 01:34 | 23-03-2009 - 16:30 | |
CVE-2007-6681 | 7.5 |
Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file.
|
29-09-2017 - 01:30 | 17-01-2008 - 01:00 | |
CVE-2011-4159 | 6.8 |
Unspecified vulnerability in System Administration Manager (SAM) in EMS before A.04.20.11.04_01 on HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors.
|
19-09-2017 - 01:34 | 19-11-2011 - 03:58 | |
CVE-2011-3651 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors
|
19-09-2017 - 01:34 | 09-11-2011 - 11:55 | |
CVE-2012-0904 | 4.3 |
VLC media player 1.1.11 allows remote attackers to cause a denial of service (crash) via a long string in an amr file.
|
19-09-2017 - 01:34 | 20-01-2012 - 17:55 | |
CVE-2012-0446 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, r
|
19-09-2017 - 01:34 | 01-02-2012 - 16:55 | |
CVE-2011-2991 | 10.0 |
The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement JavaScript, which allows remote attackers to cause a denial of service (memory corruption and
|
19-09-2017 - 01:33 | 18-08-2011 - 18:55 | |
CVE-2011-2367 | 6.4 |
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict read operations, which allows remote attackers to obtain sensitive information from GPU memory associated with an arbitrary process, or cause a denial of service
|
19-09-2017 - 01:33 | 30-06-2011 - 16:55 | |
CVE-2011-2984 | 10.0 |
Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges
|
19-09-2017 - 01:33 | 18-08-2011 - 18:55 | |
CVE-2011-3005 | 9.3 |
Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OGG headers in a .
|
19-09-2017 - 01:33 | 29-09-2011 - 00:55 | |
CVE-2011-3000 | 4.3 |
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote a
|
19-09-2017 - 01:33 | 29-09-2011 - 00:55 | |
CVE-2011-2376 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code
|
19-09-2017 - 01:33 | 30-06-2011 - 16:55 | |
CVE-2011-1214 | 9.3 |
Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ.
|
19-09-2017 - 01:32 | 31-05-2011 - 20:55 | |
CVE-2011-0912 | 9.3 |
Argument injection vulnerability in IBM Lotus Notes 8.0.x before 8.0.2 FP6 and 8.5.x before 8.5.1 FP5 allows remote attackers to execute arbitrary code via a cai:// URL containing a --launcher.library option that specifies a UNC share pathname for a
|
19-09-2017 - 01:32 | 08-02-2011 - 22:00 | |
CVE-2011-0074 | 10.0 |
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and applica
|
19-09-2017 - 01:31 | 07-05-2011 - 18:55 | |
CVE-2011-0053 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and appl
|
19-09-2017 - 01:31 | 02-03-2011 - 20:00 | |
CVE-2010-1231 | 7.5 |
Google Chrome before 4.1.249.1036 processes HTTP headers before invoking the SafeBrowsing feature, which allows remote attackers to have an unspecified impact via crafted headers.
|
19-09-2017 - 01:30 | 01-04-2010 - 22:30 | |
CVE-2010-1202 | 9.3 |
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption a
|
19-09-2017 - 01:30 | 24-06-2010 - 12:30 | |
CVE-2010-1237 | 7.5 |
Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via an empty SVG element.
|
19-09-2017 - 01:30 | 01-04-2010 - 22:30 | |
CVE-2010-1200 | 9.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and
|
19-09-2017 - 01:30 | 24-06-2010 - 12:30 | |
CVE-2010-0364 | 9.3 |
Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field.
|
19-09-2017 - 01:30 | 21-01-2010 - 20:30 | |
CVE-2010-0657 | 9.3 |
Google Chrome before 4.0.249.78 on Windows does not perform the expected encoding, escaping, and quoting for the URL in the --app argument in a desktop shortcut, which allows user-assisted remote attackers to execute arbitrary programs or obtain sens
|
19-09-2017 - 01:30 | 18-02-2010 - 18:00 |