Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RealnetworksRealplayer

7 matches found

CVE
CVEadded 2010/12/14 4:0 p.m.48 views

CVE-2010-4388

The (1) Upsell.htm, (2) Main.html, and (3) Custsupport.html components in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 and 2.1.3 allow remote attackers to inject code into the RealOneActiveXObject process, and consequently bypass intend...

4.3CVSS7AI score0.00386EPSS
CVE
CVEadded 2013/07/06 1:57 p.m.48 views

CVE-2013-3299

RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers to cause a denial of service (resource consumption or application crash) via an HTML document containing JavaScript code that constructs a long string.

4.3CVSS6.8AI score0.06507EPSS
CVE
CVEadded 2012/03/28 10:55 a.m.47 views

CVE-2012-1904

mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP4 file.

4.3CVSS6.8AI score0.10786EPSS
CVE
CVEadded 2011/08/18 11:55 p.m.46 views

CVE-2011-2947

Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document.

4.3CVSS5.9AI score0.00296EPSS
CVE
CVEadded 2011/10/04 10:55 p.m.45 views

CVE-2011-1221

Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone ...

4.3CVSS5.9AI score0.00296EPSS
CVE
CVEadded 2007/09/17 4:17 p.m.41 views

CVE-2007-4904

RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error.

4.3CVSS6.6AI score0.03853EPSS
CVE
CVEadded 2010/12/14 4:0 p.m.39 views

CVE-2010-4396

Cross-zone scripting vulnerability in the HandleAction method in a certain ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 allows remote attackers to inject arbitrary web script or HTML in the Local Zone by specifying a ...

4.3CVSS6AI score0.00285EPSS