CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5353 matches found

Cvelist•added 2010/09/07 5:0 p.m.•20 views

CVE-2010-3257

Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving element focus...

9.1AI score0.08594EPSS

Exploits0References21

OpenVAS•added 2010/09/07 12:0 a.m.•14 views

Mandriva Update for libHX MDVSA-2010:165 (libHX)

Check for the Version of libHX OpenVAS Vulnerability Test Mandriva Update for libHX MDVSA-2010:165 libHX Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

10CVSS6.5AI score0.09197EPSS

Exploits0References2

Prion•added 2010/09/03 6:0 p.m.•14 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Pecio CMS 2.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the template parameter to 1 post.php, 2 article.php, 3 blog.php, or 4 home.php in pectemplates/nova-blue/...

7.5CVSS8.1AI score0.01395EPSS

Exploits1References4Affected Software1

NVD•added 2010/08/27 7:0 p.m.•11 views

CVE-2010-3139

Untrusted search path vulnerability in Microsoft Windows Progman Group Converter grpconv.exe allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse imm.dll that is located in the same folder as a .grp file...

9.3CVSS7.3AI score0.17089EPSS

Exploits1References5

NVD•added 2010/08/27 7:0 p.m.•18 views

CVE-2010-3141

Untrusted search path vulnerability in Microsoft PowerPoint 2010 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse pptimpconv.dll that is located in the same folder as a .odp, .pot, .potm, .potx, .ppa, .pps, .ppsm,...

9.3CVSS7.2AI score0.0493EPSS

Exploits1References1

NVD•added 2010/08/26 9:0 p.m.•20 views

CVE-2010-2881

IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x24C0 of a...

9.3CVSS7.5AI score0.06735EPSS

Exploits0References5

NVD•added 2010/08/26 9:0 p.m.•15 views

CVE-2010-2876

Adobe Shockwave Player before 11.5.8.612 does not properly validate values associated with buffer-size calculation for a 0xFFFFFFF8 record in a 1 .dir or 2 .dcr Director movie, which allows remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafte...

9.3CVSS7.5AI score0.10749EPSS

Exploits0References6

NVD•added 2010/08/26 9:0 p.m.•18 views

CVE-2010-2879

Multiple integer overflows in the allocator in the TextXtra.x32 module in Adobe Shockwave Player before 11.5.8.612 allow remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafted 1 element count or 2 element size value in a file...

9.3CVSS7.5AI score0.11155EPSS

Exploits0References6

NVD•added 2010/08/26 9:0 p.m.•16 views

CVE-2010-2882

DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x3812 of a...

9.3CVSS7.5AI score0.06735EPSS

Exploits0References5

NVD•added 2010/08/26 9:0 p.m.•17 views

CVE-2010-2880

9.3CVSS7.5AI score0.06735EPSS

Exploits0References5

NVD•added 2010/08/26 9:0 p.m.•15 views

CVE-2010-2866

Integer signedness error in the DIRAPI module in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a count value associated with an "undocumented structure" and the tSAC chunk in a Director movie...

9.3CVSS7.5AI score0.23952EPSS

Exploits0References6

NVD•added 2010/08/26 9:0 p.m.•14 views

CVE-2010-2864

9.3CVSS7.5AI score0.06029EPSS

Exploits0References5

NVD•added 2010/08/26 9:0 p.m.•21 views

CVE-2010-2868

IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x320D...

9.3CVSS7.8AI score0.06029EPSS

Exploits0References5

Prion•added 2010/08/26 9:0 p.m.•21 views

Null pointer dereference

DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL chunk in a Director movie, which allows remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafted movie, related to a...

9.3CVSS8.1AI score0.04835EPSS

Exploits0References6Affected Software1

Prion•added 2010/08/26 9:0 p.m.•16 views

Memory corruption

9.3CVSS8.1AI score0.06029EPSS

Exploits0References5Affected Software1

Prion•added 2010/08/26 9:0 p.m.•13 views

Memory corruption

9.3CVSS8.1AI score0.06735EPSS

Exploits0References5Affected Software1

Prion•added 2010/08/26 9:0 p.m.•16 views

Memory corruption