Export limit exceeded: 361516 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (2714 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-1812 | 4 Apple, Canonical, Redhat and 1 more | 5 Iphone Os, Ipod Touch, Ubuntu Linux and 2 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections. | ||||
| CVE-2010-1847 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform memory management associated with terminal devices, which allows local users to cause a denial of service (system crash) via unspecified vectors. | ||||
| CVE-2011-4858 | 2 Apache, Redhat | 10 Tomcat, Enterprise Linux, Jboss Communications Platform and 7 more | 2025-04-11 | N/A |
| Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. | ||||
| CVE-2010-0175 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items. | ||||
| CVE-2010-0177 | 2 Mozilla, Redhat | 3 Firefox, Seamonkey, Enterprise Linux | 2025-04-11 | N/A |
| Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability." | ||||
| CVE-2012-3754 | 1 Apple | 1 Quicktime | 2025-04-11 | N/A |
| Use-after-free vulnerability in the Clear method in the ActiveX control in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | ||||
| CVE-2010-2800 | 1 Cabextract Project | 1 Cabextract | 2025-04-11 | N/A |
| The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed MSZIP archive in a .cab file during a (1) test or (2) extract action, related to the libmspack library. | ||||
| CVE-2011-1779 | 1 Freebsd | 1 Libarchive | 2025-04-11 | N/A |
| Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted (1) TAR archive or (2) ISO9660 image. | ||||
| CVE-2012-3751 | 1 Apple | 1 Quicktime | 2025-04-11 | N/A |
| Use-after-free vulnerability in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with a crafted _qtactivex_ parameter in an OBJECT element. | ||||
| CVE-2012-3747 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| WebKit, as used in Apple iOS before 6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2012-3510 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-11 | N/A |
| Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskstats TASKSTATS_CMD_ATTR_PID command. | ||||
| CVE-2012-3726 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| Double free vulnerability in ImageIO in Apple iOS before 6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image. | ||||
| CVE-2012-0027 | 1 Openssl | 1 Openssl | 2025-04-11 | N/A |
| The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client. | ||||
| CVE-2011-3996 | 1 Controlsystemworks | 1 Csworks | 2025-04-11 | N/A |
| The LiveData Service in CSWorks before 2.0.4115.1 allows remote attackers to cause a denial of service (service crash) via crafted TCP packets. | ||||
| CVE-2011-3982 | 1 Ibm | 1 Aix | 2025-04-11 | N/A |
| The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service (system hang) via vectors that generate a large amount of DMA I/O, related to a deadlock in timer processing across CPUs. | ||||
| CVE-2011-3973 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. | ||||
| CVE-2013-0650 | 6 Adobe, Apple, Google and 3 more | 10 Adobe Air, Adobe Air Sdk, Adobe Air Sdk And Compiler and 7 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2013-0644 | 6 Adobe, Apple, Google and 3 more | 8 Air, Air Sdk, Flash Player and 5 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0649 and CVE-2013-1374. | ||||
| CVE-2011-1983 | 1 Microsoft | 1 Office | 2025-04-11 | N/A |
| Use-after-free vulnerability in Microsoft Office 2007 SP2 and SP3, Office 2010 Gold and SP1, and Office for Mac 2011 allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Use After Free Vulnerability." | ||||
| CVE-2011-4078 | 2 Php, Roundcube | 2 Php, Webmail | 2025-04-11 | N/A |
| include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service (resource consumption and inbox outage), via a Subject header containing only a URL, a related issue to CVE-2011-3379. | ||||