Search Results (121300 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-2900 1 Google 1 Chrome 2025-04-11 N/A
Google Chrome before 5.0.375.125 does not properly handle a large canvas, which has unspecified impact and remote attack vectors.
CVE-2011-1168 2 Kde, Redhat 2 Kde Sc, Enterprise Linux 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site.
CVE-2013-6489 2 Pidgin, Redhat 2 Pidgin, Enterprise Linux 2025-04-11 N/A
Integer signedness error in the MXit functionality in Pidgin before 2.10.8 allows remote attackers to cause a denial of service (segmentation fault) via a crafted emoticon value, which triggers an integer overflow and a buffer overflow.
CVE-2010-4990 2 B-elektro, Joomla 2 Com Addressbook, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php.
CVE-2013-5700 1 Bitcoin 2 Bitcoin-qt, Bitcoin Core 2025-04-11 N/A
The Bloom Filter implementation in bitcoind and Bitcoin-Qt 0.8.x before 0.8.4rc1 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted sequence of messages.
CVE-2013-3504 1 Gwos 1 Groundwork Monitor 2025-04-11 N/A
Directory traversal vulnerability in monarch.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to overwrite arbitrary files by leveraging access to the nagios account.
CVE-2013-5976 1 F5 1 Big-ip Access Policy Manager 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the access policy logout page (logout.inc) in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.1.0 through 11.3.0 allows remote attackers to inject arbitrary web script or HTML via the LastMRH_Session cookie.
CVE-2013-6196 1 Hp 1 Autonomy Ultraseek 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in HP Autonomy Ultraseek 5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-2899 1 Google 1 Chrome 2025-04-11 N/A
Unspecified vulnerability in the layout implementation in Google Chrome before 5.0.375.125 allows remote attackers to obtain sensitive information from process memory via unknown vectors.
CVE-2013-5702 1 Watchguard 2 Fireware, Watchguard System Manager 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in WatchGuard WSM and Fireware before 11.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.
CVE-2013-6490 2 Pidgin, Redhat 2 Pidgin, Enterprise Linux 2025-04-11 N/A
The SIMPLE protocol functionality in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a negative Content-Length header, which triggers a buffer overflow.
CVE-2013-6195 1 Hp 1 Storage Data Protector 2025-04-11 N/A
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-2008.
CVE-2013-5703 1 Draytek 2 Vigor 2700 Router, Vigor 2700 Router Firmware 2025-04-11 N/A
The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute arbitrary JavaScript code, and modify settings or the DNS cache, via a crafted SSID value that is not properly handled during insertion into the sWlessSurvey value in variables.js.
CVE-2013-6193 1 Hp 25 Color Laserjet Cm1312nfi Multifunction Printer, Color Laserjet Cm2320n Multifunction Printer, Color Laserjet Cp1515 and 22 more 2025-04-11 N/A
Unspecified vulnerability on HP LaserJet M1522n and M2727; LaserJet Pro 100, 300, 400, CM1415fnw, CP1*, M121*, M1536dnf, and P1*; Color LaserJet CM* and CP*; and TopShot LaserJet Pro M275 printers allows remote attackers to cause a denial of service via unknown vectors.
CVE-2013-5977 1 Cart66 1 Cart66 Lite Plugin 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in Cart66Product.php in the Cart66 Lite plugin before 1.5.1.15 for WordPress allows remote attackers to hijack the authentication of administrators for requests that (1) create or modify products or conduct cross-site scripting (XSS) attacks via the (2) Product name or (3) Price description field in a product save action via a request to wp-admin/admin.php.
CVE-2013-3513 1 Gwos 1 Groundwork Monitor 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the Noma component in GroundWork Monitor Enterprise 6.7.0 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) store XSS sequences or (2) delete entries.
CVE-2013-6191 1 Hp 1 Operations Orchestration 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-6189 1 Hp 1 Application Information Optimizer 2025-04-11 N/A
Unspecified vulnerability in the Archive Query Server in HP Application Information Optimizer (formerly HP Database Archiving) 6.2, 6.3, 6.4, and 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1666.
CVE-2013-5309 2 Fudforum, Ilia Alshanetsky 2 Fudforum, Fudforum 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and earlier, when registering a new user, allows remote attackers to inject arbitrary web script or HTML via a custom profile field to index.php. NOTE: some of these details are obtained from third party information.
CVE-2011-2804 1 Google 1 Chrome 2025-04-11 N/A
Google Chrome before 13.0.782.107 does not properly handle nested functions in PDF documents, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.