Search
Total
1343 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1392 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2018-10-10 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to HTML buttons and the first-letter CSS style. | |||||
| CVE-2010-1401 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2018-10-10 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the :first-letter pseudo-element. | |||||
| CVE-2010-1398 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2018-10-10 | 9.3 HIGH | N/A |
| WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document, related to the insertion of an unspecified element into an editable container and the access of an uninitialized element. | |||||
| CVE-2010-1397 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2018-10-10 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to a layout change during selection rendering and the DOCUMENT_POSITION_DISCONNECTED attribute in a container of an unspecified type. | |||||
| CVE-2010-0529 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2018-10-10 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a BkPixPat opcode (0x12) containing crafted values that are used in a calculation for memory allocation. | |||||
| CVE-2010-0705 | 2 Avast, Microsoft | 4 Avast Antivirus Home, Avast Antivirus Professional, Windows 2000 and 1 more | 2018-10-10 | 7.2 HIGH | N/A |
| Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption. | |||||
| CVE-2010-0528 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2018-10-10 | 9.3 HIGH | N/A |
| Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom (STSD), and a crafted length value. | |||||
| CVE-2009-4310 | 2 Microsoft, Windows | 4 Windows 2000, Windows 2003 Server, Windows Xp and 1 more | 2018-10-10 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations, as demonstrated by data in an AVI file. | |||||
| CVE-2009-4309 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Media Player and 1 more | 2018-10-10 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file. | |||||
| CVE-2009-4215 | 2 Microsoft, Pandasecurity | 6 Windows 7, Windows Vista, Windows Xp and 3 more | 2018-10-10 | 7.2 HIGH | N/A |
| Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro 2010 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs. | |||||
| CVE-2009-4210 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2018-10-10 | 9.3 HIGH | N/A |
| The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted media content. | |||||
| CVE-2009-0945 | 2 Apple, Microsoft | 5 Mac Os X, Mac Os X Server, Safari and 2 more | 2018-10-10 | 9.3 HIGH | N/A |
| Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the (1) SVGTransformList, (2) SVGStringList, (3) SVGNumberList, (4) SVGPathSegList, (5) SVGPointList, or (6) SVGLengthList SVGList object, which triggers memory corruption. | |||||
| CVE-2002-2105 | 1 Microsoft | 1 Windows Xp | 2017-12-19 | 2.1 LOW | N/A |
| Microsoft Windows XP allows local users to prevent the system from booting via a corrupt explorer.exe.manifest file. | |||||
| CVE-2002-2132 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2017-11-21 | 2.1 LOW | N/A |
| Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes. | |||||
| CVE-2012-4969 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server and 3 more | 2017-11-21 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012. | |||||
| CVE-2006-5614 | 1 Microsoft | 2 Windows Nt Helper Components, Windows Xp | 2017-10-19 | 2.6 LOW | N/A |
| Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP SP2, when Internet Connection Sharing is enabled, allows remote attackers to cause a denial of service (svchost.exe crash) via a malformed DNS query, which results in a null pointer dereference. | |||||
| CVE-2006-6723 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2017-10-19 | 7.8 HIGH | N/A |
| The Workstation service in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to cause a denial of service (memory consumption) via a large maxlen value in an NetrWkstaUserEnum RPC request. | |||||
| CVE-2006-6261 | 2 Microsoft, Quinnware | 7 Windows 2000, Windows 95, Windows 98 and 4 more | 2017-10-19 | 9.3 HIGH | N/A |
| Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields. | |||||
| CVE-2007-1912 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2017-10-11 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file. | |||||
| CVE-2007-2186 | 2 Foxit, Microsoft | 9 Pdf Reader, Windows 2000, Windows 2003 Server and 6 more | 2017-10-11 | 5.0 MEDIUM | N/A |
| Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. | |||||
| CVE-2007-2736 | 9 Achievo, Apple, Hp and 6 more | 18 Achievo, A Ux, Mac Os X and 15 more | 2017-10-11 | 10.0 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter. | |||||
| CVE-2006-7210 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2017-10-11 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (cpu consumption) via a PNG image with crafted (1) Width and (2) Height values in the IHDR block. | |||||
| CVE-2007-1347 | 1 Microsoft | 3 Windows 2000, Windows Explorer, Windows Xp | 2017-10-11 | 7.1 HIGH | N/A |
| Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and possibly other versions and platforms, allows remote attackers to cause a denial of service (memory corruption and crash) via an Office file with crafted document summary information, which causes an error in Ole32.dll. | |||||
| CVE-2001-0860 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2017-10-10 | 7.5 HIGH | N/A |
| Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT). | |||||
| CVE-2001-0909 | 1 Microsoft | 1 Windows Xp | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL. | |||||
| CVE-2005-4696 | 1 Microsoft | 1 Windows Xp | 2017-10-05 | 2.1 LOW | N/A |
| The Microsoft Wireless Zero Configuration system (WZCS) stores WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key in plaintext in memory of the explorer process, which allows attackers with access to process memory to steal the keys and access the network. | |||||
| CVE-2009-1511 | 1 Microsoft | 1 Windows Xp | 2017-09-29 | 7.8 HIGH | N/A |
| GDI+ in Microsoft Windows XP SP3 allows remote attackers to cause a denial of service (infinite loop) via a PNG file that contains a certain large btChunkLen value. | |||||
| CVE-2009-0008 | 2 Apple, Microsoft | 3 Quicktime Mpeg-2 Playback Component, Windows Vista, Windows Xp | 2017-09-29 | 7.6 HIGH | N/A |
| Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component before 7.60.92.0 on Windows allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted MPEG-2 movie. | |||||
| CVE-2009-0119 | 1 Microsoft | 1 Windows Xp | 2017-09-29 | 10.0 HIGH | N/A |
| Buffer overflow in Microsoft Windows XP SP3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .chm file. | |||||
| CVE-2008-4323 | 1 Microsoft | 1 Windows Xp | 2017-09-29 | 4.3 MEDIUM | N/A |
| Windows Explorer in Microsoft Windows XP SP3 allows user-assisted attackers to cause a denial of service (application crash) via a crafted .ZIP file. | |||||
| CVE-2013-1022 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted mvhd atoms in a movie file. | |||||
| CVE-2013-1016 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.263 encoding. | |||||
| CVE-2013-1015 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TeXML file. | |||||
| CVE-2013-1019 | 2 Apple, Microsoft | 5 Iphone Os, Quicktime, Windows 7 and 2 more | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding. | |||||
| CVE-2013-1018 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. | |||||
| CVE-2013-0989 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP3 file. | |||||
| CVE-2013-0988 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FPX file. | |||||
| CVE-2013-1017 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted dref atoms in a movie file. | |||||
| CVE-2013-0987 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QTIF file. | |||||
| CVE-2013-0986 | 2 Apple, Microsoft | 5 Mac Os X, Quicktime, Windows 7 and 2 more | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted enof atoms in a movie file. | |||||
| CVE-2013-1021 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG data in a movie file. | |||||
| CVE-2013-1020 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG data in a movie file. | |||||
| CVE-2011-3247 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Integer overflow in Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT file. | |||||
| CVE-2011-3248 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Integer signedness error in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font table in a QuickTime movie file. | |||||
| CVE-2011-3219 | 2 Apple, Microsoft | 4 Itunes, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. | |||||
| CVE-2011-3251 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted TKHD atoms in a QuickTime movie file. | |||||
| CVE-2011-3252 | 2 Apple, Microsoft | 4 Itunes, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Advanced Audio Coding (AAC) stream. | |||||
| CVE-2011-3250 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Integer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding. | |||||
| CVE-2011-3249 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with FLC encoding. | |||||
| CVE-2011-2338 | 2 Apple, Microsoft | 5 Itunes, Webkit, Windows 7 and 2 more | 2017-09-19 | 7.6 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | |||||