Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3955 | 1 Google | 1 Chrome | 2020-05-08 | 7.5 HIGH | N/A |
| Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that trigger the aborting of an IndexedDB transaction. | |||||
| CVE-2011-3957 | 1 Google | 1 Chrome | 2020-05-08 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the garbage-collection functionality in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF documents. | |||||
| CVE-2011-3961 | 1 Google | 1 Chrome | 2020-05-08 | 9.3 HIGH | N/A |
| Race condition in Google Chrome before 17.0.963.46 allows remote attackers to execute arbitrary code via vectors that trigger a crash of a utility process. | |||||
| CVE-2011-3963 | 1 Google | 1 Chrome | 2020-05-08 | 5.0 MEDIUM | N/A |
| Google Chrome before 17.0.963.46 does not properly handle PDF FAX images, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2011-3971 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2020-05-08 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. | |||||
| CVE-2011-3972 | 1 Google | 1 Chrome | 2020-05-08 | 5.0 MEDIUM | N/A |
| The shader translator implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2011-3894 | 1 Google | 1 Chrome | 2020-05-08 | 7.5 HIGH | N/A |
| Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted stream. | |||||
| CVE-2011-3887 | 2 Apple, Google | 3 Iphone Os, Safari, Chrome | 2020-05-08 | 5.0 MEDIUM | N/A |
| Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote attackers to bypass intended access restrictions and read cookies via unspecified vectors. | |||||
| CVE-2011-3893 | 1 Google | 1 Chrome | 2020-05-08 | 5.0 MEDIUM | N/A |
| Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2011-3892 | 2 Debian, Google | 2 Debian Linux, Chrome | 2020-05-08 | 7.5 HIGH | N/A |
| Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream. | |||||
| CVE-2011-3884 | 1 Google | 1 Chrome | 2020-05-08 | 6.8 MEDIUM | N/A |
| Google Chrome before 15.0.874.102 does not properly address timing issues during DOM traversal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2011-3879 | 1 Google | 1 Chrome | 2020-05-07 | 7.5 HIGH | N/A |
| Google Chrome before 15.0.874.102 does not prevent redirects to chrome: URLs, which has unspecified impact and remote attack vectors. | |||||
| CVE-2011-3914 | 1 Google | 1 Chrome | 2020-05-07 | 7.5 HIGH | N/A |
| The internationalization (aka i18n) functionality in Google V8, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. | |||||
| CVE-2011-3909 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2020-05-07 | 5.0 MEDIUM | N/A |
| The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2011-3906 | 1 Google | 1 Chrome | 2020-05-07 | 5.0 MEDIUM | N/A |
| The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2011-3915 | 1 Google | 1 Chrome | 2020-05-07 | 7.5 HIGH | N/A |
| Buffer overflow in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF fonts. | |||||
| CVE-2011-3905 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2020-05-07 | 5.0 MEDIUM | N/A |
| libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2011-3919 | 5 Apple, Debian, Google and 2 more | 9 Iphone Os, Mac Os X, Debian Linux and 6 more | 2020-05-07 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-3921 | 1 Google | 1 Chrome | 2020-05-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving animation frames. | |||||
| CVE-2011-3922 | 1 Google | 1 Chrome | 2020-05-07 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to glyph handling. | |||||
| CVE-2011-3924 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2020-05-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections. | |||||
| CVE-2011-3925 | 1 Google | 1 Chrome | 2020-05-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors related to a navigation entry and an interstitial page. | |||||
| CVE-2011-3926 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2020-05-07 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-3927 | 1 Google | 1 Chrome | 2020-05-07 | 7.5 HIGH | N/A |
| Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-3928 | 2 Apple, Google | 3 Iphone Os, Safari, Chrome | 2020-05-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. | |||||
| CVE-2011-3966 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2020-05-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data. | |||||
| CVE-2011-3967 | 1 Google | 1 Chrome | 2020-05-07 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via a crafted certificate. | |||||
| CVE-2011-3904 | 1 Google | 1 Chrome | 2020-05-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to bidirectional text (aka bidi) handling. | |||||
| CVE-2011-3877 | 1 Google | 1 Chrome | 2020-05-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the appcache internals page in Google Chrome before 15.0.874.102 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-3878 | 1 Google | 1 Chrome | 2020-05-07 | 6.8 MEDIUM | N/A |
| Race condition in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker process initialization. | |||||
| CVE-2011-3875 | 1 Google | 1 Chrome | 2020-05-07 | 4.3 MEDIUM | N/A |
| Google Chrome before 15.0.874.102 does not properly handle drag and drop operations on URL strings, which allows user-assisted remote attackers to spoof the URL bar via unspecified vectors. | |||||
| CVE-2011-3896 | 1 Google | 1 Chrome | 2020-05-07 | 7.5 HIGH | N/A |
| Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping. | |||||
| CVE-2011-3890 | 1 Google | 1 Chrome | 2020-05-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video source handling. | |||||
| CVE-2011-3903 | 1 Google | 1 Chrome | 2020-05-07 | 5.0 MEDIUM | N/A |
| Google Chrome before 16.0.912.63 does not properly perform regex matching, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2011-3907 | 1 Google | 1 Chrome | 2020-05-07 | 4.3 MEDIUM | N/A |
| The view-source feature in Google Chrome before 16.0.912.63 allows remote attackers to spoof the URL bar via unspecified vectors. | |||||
| CVE-2011-3910 | 1 Google | 1 Chrome | 2020-05-07 | 5.0 MEDIUM | N/A |
| Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2020-12678 | 2020-05-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-12677. Reason: This candidate is a reservation duplicate of CVE-2020-12677. Notes: All CVE users should reference CVE-2020-12677 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2006-4994 | 1 Apachefriends | 1 Xampp | 2020-05-06 | 4.6 MEDIUM | N/A |
| Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privileges via a malicious program file in %SYSTEMDRIVE%, which is run when XAMPP attempts to execute (1) FileZillaServer.exe, (2) mysqld-nt.exe, (3) Perl.exe, or (4) xamppcontrol.exe with an unquoted "Program Files" pathname. | |||||
| CVE-2012-5539 | 2 Drupal, Organic Groups Project | 2 Drupal, Organic Groups | 2020-05-06 | 3.5 LOW | N/A |
| The Organic Groups (OG) module 7.x-1.x before 7.x-1.5 for Drupal does not properly maintain pending group memberships, which allows remote authenticated users to post to arbitrary groups by modifying their own account while a pending membership is waiting to be approved. | |||||
| CVE-2020-11495 | 2020-05-05 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2017-18753 | 2020-05-05 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-20734, CVE-2017-18864. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should consult CVE-2019-20734 and CVE-2017-18864 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2017-18760 | 2020-05-05 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-20732, CVE-2017-18865. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should consult CVE-2019-20732 and CVE-2017-18865 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2017-18771 | 2020-05-05 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-20738, CVE-2017-18866. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should consult CVE-2019-20738 and CVE-2017-18866 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2017-18774 | 2020-05-05 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-21139, CVE-2017-18867. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should consult CVE-2018-21139 and CVE-2017-18867 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2014-8585 | 1 Wpdownloadmanager | 1 Wordpress Download Manager | 2020-05-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the fname parameter to (1) views/file_download.php or (2) file_download.php. | |||||
| CVE-2013-7319 | 1 Wpdownloadmanager | 1 Wordpress Download Manager | 2020-05-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Download Manager plugin before 2.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the title field. | |||||
| CVE-2015-4945 | 1 Ibm | 1 Maximo Anywhere | 2020-04-30 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the IBM Maximo Anywhere application 7.5.1 through 7.5.1.2 for Android allows attackers to bypass a passcode protection mechanism and obtain sensitive information via a crafted application. | |||||
| CVE-2015-3451 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2020-04-29 | 5.0 MEDIUM | N/A |
| The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function. | |||||
| CVE-2012-2283 | 2 Emc, Iomega | 4 Lifeline, Home Media Network Hard Drive, Iconnect and 1 more | 2020-04-21 | 5.5 MEDIUM | N/A |
| The Iomega Home Media Network Hard Drive with EMC Lifeline firmware before 2.104, Home Media Network Hard Drive Cloud Edition with EMC Lifeline firmware before 3.2.3.15290, iConnect with EMC Lifeline firmware before 2.5.26.18966, and StorCenter with EMC Lifeline firmware before 2.0.18.23122, 2.1.x before 2.1.42.18967, and 3.x before 3.2.3.15290 allow remote authenticated users to read or modify data on arbitrary remote shares via unspecified vectors. | |||||
| CVE-2011-3960 | 1 Google | 1 Chrome | 2020-04-21 | 4.3 MEDIUM | N/A |
| Google Chrome before 17.0.963.46 does not properly decode audio data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||