Search Results (3295 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-3054 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
CVE-2013-0420 2 Opensuse, Oracle 3 Opensuse, Virtualization, Vm Virtualbox 2025-04-11 N/A
Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 allows local users to affect integrity and availability via unknown vectors related to Core. NOTE: The previous information was obtained from the January 2013 Oracle CPU. Oracle has not commented on claims from another vendor that this issue is related to an incorrect comparison in the vga_draw_text function in Devices/Graphics/DevVGA.cpp, which can cause VirtualBox to "draw more lines than necessary."
CVE-2011-3043 3 Apple, Google, Opensuse 5 Iphone Os, Itunes, Safari and 2 more 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements.
CVE-2012-0427 1 Opensuse 1 Opensuse 2025-04-11 N/A
yast2-add-on-creator in SUSE inst-source-utils 2008.11.26 before 2008.11.26-0.9.1 and 2012.9.13 before 2012.9.13-0.8.1 allows local users to gain privileges via a crafted (1) file name or (2) directory name.
CVE-2012-1095 1 Opensuse 2 Opensuse, Osc 2025-04-11 N/A
osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a terminal emulator.
CVE-2011-3039 3 Apple, Google, Opensuse 5 Iphone Os, Itunes, Safari and 2 more 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling.
CVE-2011-3038 3 Apple, Google, Opensuse 5 Iphone Os, Itunes, Safari and 2 more 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling.
CVE-2012-2885 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Double free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to application exit.
CVE-2012-4293 3 Opensuse, Sun, Wireshark 3 Opensuse, Sunos, Wireshark 2025-04-11 N/A
plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet.
CVE-2011-3037 3 Apple, Google, Opensuse 5 Iphone Os, Itunes, Safari and 2 more 2025-04-11 N/A
Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
CVE-2011-3035 3 Apple, Google, Opensuse 5 Iphone Os, Itunes, Safari and 2 more 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.
CVE-2011-3031 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 N/A
Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2013-2765 3 Apache, Opensuse, Trustwave 3 Http Server, Opensuse, Modsecurity 2025-04-11 N/A
The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
CVE-2013-3333 8 Adobe, Apple, Google and 5 more 15 Adobe Air, Adobe Air Sdk, Flash Player and 12 more 2025-04-11 N/A
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3334, and CVE-2013-3335.
CVE-2012-6139 2 Opensuse, Xmlsoft 2 Opensuse, Libxslt 2025-04-11 N/A
libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFunction function in functions.c.
CVE-2013-0765 3 Canonical, Mozilla, Opensuse 4 Ubuntu Linux, Firefox, Seamonkey and 1 more 2025-04-11 N/A
Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
CVE-2013-0883 5 Apple, Google, Linux and 2 more 5 Mac Os X, Chrome, Linux Kernel and 2 more 2025-04-11 N/A
Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors.
CVE-2013-0884 5 Apple, Google, Linux and 2 more 5 Mac Os X, Chrome, Linux Kernel and 2 more 2025-04-11 N/A
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly load Native Client (aka NaCl) code, which has unspecified impact and attack vectors.
CVE-2013-0889 5 Apple, Google, Linux and 2 more 5 Mac Os X, Chrome, Linux Kernel and 2 more 2025-04-11 N/A
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly enforce a user gesture requirement before proceeding with a file download, which might make it easier for remote attackers to execute arbitrary code via a crafted file.
CVE-2013-0897 5 Apple, Google, Linux and 2 more 5 Mac Os X, Chrome, Linux Kernel and 2 more 2025-04-11 N/A
Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service via a crafted document.