Vulnerabilities (CVE)

130145 total CVE
CVE Vendors Products Updated CVSS
CVE-2010-4378 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-01-26 9.3
The drv2.dll (aka RV20 decompression) module in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.1.2 and 2.1.3, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions,...
CVE-2010-4375 1 Realnetworks 1 Realplayer 2011-01-26 9.3
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via...
CVE-2010-3749 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-01-26 9.3
The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to arguments to the RecordClip method, which allows remote attackers to download an arbitrary program onto a...
CVE-2010-2997 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-01-26 9.3
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers...
CVE-2010-2094 1 Php 1 Php 2011-01-26 6.8
Multiple format string vulnerabilities in the phar extension in PHP 5.3 before 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not...
CVE-2009-4269 1 Apache 1 Derby 2011-01-26 2.1
The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that reduces the size of the set of inputs to SHA-1, which produces a small search space that makes it...
CVE-2009-1251 2 Openafs, Unix 2 Unix, Openafs 2011-01-26 10.0
Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX...
CVE-2009-1250 2 Ibm, Openafs 2 Afs, Openafs 2011-01-26 7.8
The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value...
CVE-2005-3294 1 Typsoft 1 Typsoft Ftp Server 2011-01-26 5.0
Typsoft FTP Server 1.11, with "Sub Directory Include" enabled, allows remote attackers to cause a denial of service (crash) by sending multiple RETR commands. NOTE: it was later reported that 1.10 is also affected.
CVE-2011-0519 1 Gallarific 1 Php Photo Gallery Script 2011-01-24 7.5
SQL injection vulnerability in gallery.php in Gallarific PHP Photo Gallery script 2.1 and possibly other versions allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2011-0514 1 Hp 1 Data Protector Manager 2011-01-24 5.0
The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows remote attackers to cause a denial of service (crash) via a packet with a large data size to TCP port 1530.
CVE-2011-0501 1 Musanim 1 Music Animation Machine Midi Player 2011-01-24 9.3
Stack-based buffer overflow in Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly other versions allows user-assisted remote attackers to execute arbitrary code via a long line in a .mamx file.
CVE-2011-0498 1 Nokia 1 Multimedia Player 2011-01-24 9.3
Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a playlist (.npl) file.
CVE-2010-4071 1 Otrs 1 Otrs 2011-01-24 2.6
Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS 2.4.x before 2.4.9, when RichText is enabled, allows remote attackers to inject arbitrary web script or HTML via JavaScript in an HTML e-mail.
CVE-2010-4586 1 Opera 1 Opera Browser 2011-01-22 10.0
The default configuration of Opera before 11.00 enables WebSockets functionality, which has unspecified impact and remote attack vectors, possibly a related issue to CVE-2010-4508.
CVE-2010-4585 1 Opera 1 Opera Browser 2011-01-22 5.0
Unspecified vulnerability in the auto-update functionality in Opera before 11.00 allows remote attackers to cause a denial of service (application crash) by triggering an Opera Unite update.
CVE-2010-4584 1 Opera 1 Opera Browser 2011-01-22 2.6
Opera before 11.00, when Opera Turbo is used, does not properly present information about problematic X.509 certificates on https web sites, which might make it easier for remote attackers to spoof trusted content via a crafted web site.
CVE-2010-4583 1 Opera 1 Opera Browser 2011-01-22 2.6
Opera before 11.00, when Opera Turbo is enabled, does not display a page's security indication, which makes it easier for remote attackers to spoof trusted content via a crafted web site.
CVE-2010-4582 1 Opera 1 Opera Browser 2011-01-22 5.0
Opera before 11.00 does not properly handle security policies during updates to extensions, which might allow remote attackers to bypass intended access restrictions via unspecified vectors.
CVE-2010-4581 1 Opera 1 Opera Browser 2011-01-22 10.0
Unspecified vulnerability in Opera before 11.00 has unknown impact and attack vectors, related to "a high severity issue."