Vulnerabilities (CVE)

CWE filter: CWE-20

7637 total CVE
CVE, Vendors (count, names), Products (count, names), Updated, CVSS
CVE-2010-4396 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-01-19 4.3
Cross-zone scripting vulnerability in the HandleAction method in a certain ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 allows remote attackers to inject arbitrary...
CVE-2010-4388 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-01-19 4.3
The (1) Upsell.htm, (2) Main.html, and (3) Custsupport.html components in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 and 2.1.3 allow remote attackers to inject code into the...
CVE-2010-3616 1 Isc 1 Dhcp 2011-01-19 5.0
ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service (communications-interrupted state and DHCP client service loss) by connecting to a port that is only intended...
CVE-2010-1844 1 Apple 2 Mac Os X, Mac Os X Server 2011-01-12 7.1
Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to cause a denial of service (memory consumption and system crash) via a crafted image.
CVE-2010-1841 1 Apple 2 Mac Os X, Mac Os X Server 2011-01-12 9.3
Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted UDIF image.
CVE-2010-3862 1 Redhat 3 Jboss Enterprise Application Platform, Jboss Enterprise Web Platform, Jboss Remoting 2010-12-31 2.6
The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run method in JBoss Remoting 2.2.x before 2.2.3.SP4 and 2.5.x before 2.5.3.SP2 in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP)...
CVE-2010-3708 1 Redhat 2 Jboss Enterprise Soa Platform, Jboss Enterprise Application Platform 2010-12-30 7.5
The serialization implementation in JBoss Drools in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 before 4.3.0.CP09 and JBoss Enterprise SOA Platform 4.2 and 4.3 supports the embedding of class files, which allows...
CVE-2010-4550 1 Ibm 1 Lotus Notes Traveler 2010-12-17 5.0
IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to cause a denial of service (sync failure) via a malformed document.
CVE-2010-4553 1 Ibm 1 Lotus Notes Traveler 2010-12-17 5.0
An unspecified Domino API in IBM Lotus Notes Traveler before 8.5.1.1 does not properly handle MIME types, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
CVE-2010-4548 1 Ibm 1 Lotus Notes Traveler 2010-12-17 2.1
IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (daemon crash) by accepting a meeting invitation with an iNotes client and then accepting this meeting invitation with an iPhone client.
CVE-1999-0001 3 Bsdi, Openbsd, Freebsd 3 Freebsd, Openbsd, Bsd Os 2010-12-16 5.0
ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.
CVE-2010-3788 1 Apple 3 Quicktime, Mac Os X, Mac Os X Server 2010-12-11 6.8
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 file.
CVE-2010-1843 1 Apple 2 Mac Os X, Mac Os X Server 2010-12-10 7.8
Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted PIM packet.
CVE-2010-1834 1 Apple 2 Mac Os X, Mac Os X Server 2010-12-10 5.8
CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly validate the domains of cookies, which makes it easier for remote web servers to track users by setting a cookie that is associated with a partial IP address.
CVE-2010-1828 1 Apple 2 Mac Os X, Mac Os X Server 2010-12-10 5.0
AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon restart) via crafted reconnect authentication packets.
CVE-2009-5020 1 Awstats 1 Awstats 2010-12-02 5.8
Open redirect vulnerability in awredir.pl in AWStats before 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2009-2624 1 Gnu 1 Gzip 2010-11-18 6.8
The huft_build function in inflate.c in gzip before 1.3.13 creates a hufts (aka huffman) table that is too small, which allows remote attackers to cause a denial of service (application crash or infinite loop) or possibly execute arbitrary code...
CVE-2010-4068 1 Typo3 1 Typo3 2010-10-27 4.9
Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 allows remote authenticated administrators to read and possibly modify arbitrary files via a crafted parameter, a...
CVE-2010-3716 1 Typo3 1 Typo3 2010-10-27 6.0
The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x before 4.3.7 allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrary group memberships.
CVE-2007-6739 1 G.rodola 1 Pyftpdlib 2010-10-20 5.0
FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to cause a denial of service via a long command.