Search Results (23530 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-2216 2 Adobe, Redhat 4 Adobe Air, Flash Player, Flash Player For Linux and 1 more 2025-04-11 N/A
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2214.
CVE-2010-3113 4 Canonical, Google, Redhat and 1 more 4 Ubuntu Linux, Chrome, Enterprise Linux and 1 more 2025-04-11 N/A
Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors related to state changes when using DeleteButtonController.
CVE-2010-3119 3 Google, Redhat, Webkitgtk 3 Chrome, Enterprise Linux, Webkitgtk 2025-04-11 N/A
Google Chrome before 5.0.375.127 and webkitgtk before 1.2.6 do not properly support the Ruby language, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
CVE-2012-1952 2 Mozilla, Redhat 5 Firefox, Seamonkey, Thunderbird and 2 more 2025-04-11 N/A
The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and column-group frames, which might allow remote attackers to execute arbitrary code via a crafted web site.
CVE-2013-5802 3 Oracle, Redhat, Sun 9 Jdk, Jre, Jrockit and 6 more 2025-04-11 N/A
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP.
CVE-2012-1953 2 Mozilla, Redhat 5 Firefox, Seamonkey, Thunderbird and 2 more 2025-04-11 N/A
The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site.
CVE-2012-1955 2 Mozilla, Redhat 5 Firefox, Seamonkey, Thunderbird and 2 more 2025-04-11 N/A
Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allow remote attackers to spoof the address bar via vectors involving history.forward and history.back calls.
CVE-2013-0446 3 Oracle, Redhat, Sun 6 Jdk, Jre, Network Satellite and 3 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.
CVE-2012-1944 2 Mozilla, Redhat 5 Firefox, Seamonkey, Thunderbird and 2 more 2025-04-11 N/A
The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document.
CVE-2013-5804 3 Oracle, Redhat, Sun 9 Jdk, Jre, Jrockit and 6 more 2025-04-11 N/A
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc.
CVE-2013-4480 2 Redhat, Suse 5 Network Satellite, Satellite, Satellite With Embedded Oracle and 2 more 2025-04-11 N/A
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.
CVE-2012-1941 2 Mozilla, Redhat 5 Firefox, Seamonkey, Thunderbird and 2 more 2025-04-11 N/A
Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns.
CVE-2013-4481 2 Redhat, Scientificlinux 2 Enterprise Linux, Luci 2025-04-11 N/A
Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as "authentication secrets."
CVE-2013-5797 3 Oracle, Redhat, Sun 10 Javafx, Jdk, Jre and 7 more 2025-04-11 N/A
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.
CVE-2013-5809 3 Oracle, Redhat, Sun 8 Jdk, Jre, Enterprise Linux and 5 more 2025-04-11 N/A
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5829.
CVE-2012-1938 4 Mozilla, Opensuse, Redhat and 1 more 14 Firefox, Seamonkey, Thunderbird and 11 more 2025-04-11 N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components.
CVE-2013-5820 3 Oracle, Redhat, Sun 8 Jdk, Jre, Enterprise Linux and 5 more 2025-04-11 N/A
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS.
CVE-2013-2266 2 Isc, Redhat 2 Bind, Enterprise Linux 2025-04-11 N/A
libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
CVE-2013-5790 3 Oracle, Redhat, Sun 7 Jdk, Jre, Enterprise Linux and 4 more 2025-04-11 N/A
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to BEANS.
CVE-2013-2165 1 Redhat 9 Jboss Enterprise Application Platform, Jboss Enterprise Brms Platform, Jboss Enterprise Portal Platform and 6 more 2025-04-11 N/A
ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise Application Platform through 4.3.0 CP10 and 5.x through 5.2.0, Red Hat JBoss BRMS through 5.3.1, Red Hat JBoss SOA Platform through 4.3.0 CP05 and 5.x through 5.3.1, Red Hat JBoss Portal through 4.3 CP07 and 5.x through 5.2.2, and Red Hat JBoss Operations Network through 2.4.2 and 3.x through 3.1.2 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data.