Total
2541 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0065 | 1 Mozilla | 2 Firefox, Seamonkey | 2017-09-19 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel. | |||||
| CVE-2010-3823 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2017-09-19 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Geolocation objects. NOTE: this might overlap CVE-2010-3415. | |||||
| CVE-2010-4486 | 1 Google | 1 Chrome | 2017-09-19 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to history handling. | |||||
| CVE-2010-4374 | 1 Nullsoft | 1 Winamp | 2017-09-19 | 4.3 MEDIUM | N/A |
| The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matroska Video (MKV) file containing a string with a crafted length. | |||||
| CVE-2010-4150 | 1 Php | 1 Php | 2017-09-19 | 5.0 MEDIUM | N/A |
| Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2010-3811 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2017-09-19 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element attributes. | |||||
| CVE-2010-3633 | 1 Adobe | 1 Flash Media Server | 2017-09-19 | 5.0 MEDIUM | N/A |
| Memory leak in Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, and 4.0.x before 4.0.1 allows attackers to cause a denial of service (memory consumption) via unspecified vectors. | |||||
| CVE-2010-4301 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 5.0 MEDIUM | N/A |
| epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes. | |||||
| CVE-2011-0066 | 1 Mozilla | 2 Firefox, Seamonkey | 2017-09-19 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mObserverList. | |||||
| CVE-2011-0085 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2017-09-19 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in the nsXULCommandDispatcher function in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via a crafted XUL document that dequeues the current command updater. | |||||
| CVE-2010-3824 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2017-09-19 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving SVG use elements. | |||||
| CVE-2010-3737 | 1 Ibm | 1 Db2 | 2017-09-19 | 3.5 LOW | N/A |
| Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (heap memory consumption) by executing a (1) user-defined function (UDF) or (2) stored procedure while using a different code page than the database server. | |||||
| CVE-2011-0116 | 2 Apple, Microsoft | 6 Itunes, Webkit, Windows and 3 more | 2017-09-19 | 7.6 HIGH | N/A |
| Use-after-free vulnerability in the setOuterText method in the htmlelement library in WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to DOM manipulations during iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | |||||
| CVE-2010-2286 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 3.3 LOW | N/A |
| The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | |||||
| CVE-2010-4092 | 1 Adobe | 1 Shockwave Player | 2017-09-19 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in an unspecified compatibility component in Adobe Shockwave Player before 11.5.9.620 allows user-assisted remote attackers to execute arbitrary code via a crafted web site, related to the Shockwave Settings window and an unloaded library. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-3021 | 1 Opera | 1 Opera Browser | 2017-09-19 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Opera before 10.61 allows remote attackers to cause a denial of service (CPU consumption and application hang) via an animated PNG image. | |||||
| CVE-2010-3820 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2017-09-19 | 9.3 HIGH | N/A |
| WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses uninitialized memory during processing of editable elements, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. | |||||
| CVE-2011-0083 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2017-09-19 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback. | |||||
| CVE-2010-2767 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2017-09-19 | 9.3 HIGH | N/A |
| The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a "dangling pointer vulnerability." | |||||
| CVE-2011-0057 | 1 Mozilla | 2 Firefox, Seamonkey | 2017-09-19 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and garbage collection. | |||||