Total
2906 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4878 | 1 Hinnendahl | 1 Kontakt Formular | 2012-05-13 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in formmailer.php in Kontakt Formular 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the script_pfad parameter. | |||||
| CVE-2010-4964 | 1 Dlink | 2 Dcs-2121, Dcs-2121 Firmware | 2012-05-13 | 9.0 HIGH | N/A |
| recorder_test.cgi on the D-Link DCS-2121 camera with firmware 1.04 allows remote attackers to execute arbitrary commands via shell metacharacters in the Password field, related to a "semicolon injection" vulnerability. | |||||
| CVE-2010-4943 | 1 Brothersoft | 1 Saurus Cms | 2012-05-13 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to execute arbitrary PHP code via a URL in the class_path parameter to (1) file.php or (2) com_del.php. | |||||
| CVE-2010-4939 | 1 Scripts.bdr130 | 1 Mailform | 2012-05-13 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in MailForm 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the theme parameter. | |||||
| CVE-2010-4924 | 1 Clearbudget | 1 Clearbudget | 2012-05-13 | 7.5 HIGH | N/A |
| ** DISPUTED ** PHP remote file inclusion vulnerability in logic/controller.class.php in clearBudget 0.9.8 allows remote attackers to execute arbitrary PHP code via a URL in the actionPath parameter. NOTE: this issue has been disputed by a reliable third party. | |||||
| CVE-2010-4948 | 1 Phpgalleryscript | 1 Php Free Photo Gallery | 2012-05-13 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in PHP Free Photo Gallery script allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | |||||
| CVE-2011-2386 | 1 Visiwave | 1 Site Survey | 2012-04-26 | 9.3 HIGH | N/A |
| VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey before 2.1.9 allows user-assisted remote attackers to execute arbitrary code via a (1) vws and (2) vwr file with an invalid Type property, which triggers an untrusted pointer dereference. | |||||
| CVE-2012-0693 | 1 Whmcs | 1 Whmcompletesolution | 2012-04-22 | 5.0 MEDIUM | N/A |
| ** DISPUTED ** submitticket.php in WHMCompleteSolution (WHMCS) 5.03 allows remote attackers to inject arbitrary code into a subject field via crafted ticket data, a different vulnerability than CVE-2011-5061. NOTE: the vendor disputes this issue, noting that some of the details overlap CVE-2011-5061, but that it "says it affects V5.0.3, and the submitticket.php file, both of which are wrong." | |||||
| CVE-2011-2478 | 1 Google | 1 Sketchup | 2012-04-17 | 9.3 HIGH | N/A |
| Google SketchUp before 8 does not properly handle edge geometry in SketchUp (aka .SKP) files, which allows remote attackers to execute arbitrary code via a crafted file. | |||||
| CVE-2011-4882 | 1 Atvise | 1 Webmi2ads | 2012-04-13 | 5.0 MEDIUM | N/A |
| The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to cause a denial of service (application exit) via an unspecified command in an HTTP request. | |||||
| CVE-2010-2217 | 3 Adobe, Linux, Microsoft | 4 Flash Media Server, Flash Media Server 2, Linux Kernel and 1 more | 2012-03-18 | 10.0 HIGH | N/A |
| Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to execute arbitrary code via unspecified vectors, related to a "JS method vulnerability." | |||||
| CVE-2011-4258 | 1 Realnetworks | 1 Realplayer | 2012-03-07 | 9.3 HIGH | N/A |
| RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file. | |||||
| CVE-2011-4260 | 1 Realnetworks | 1 Realplayer | 2012-03-07 | 9.3 HIGH | N/A |
| RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed header in an MP4 file. | |||||
| CVE-2011-4247 | 1 Realnetworks | 1 Realplayer | 2012-03-07 | 9.3 HIGH | N/A |
| RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted QCELP stream. | |||||
| CVE-2011-4257 | 1 Realnetworks | 1 Realplayer | 2012-03-07 | 9.3 HIGH | N/A |
| The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via crafted channel data. | |||||
| CVE-2011-4256 | 1 Realnetworks | 1 Realplayer | 2012-03-07 | 10.0 HIGH | N/A |
| The RV30 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 does not initialize an unspecified index value, which allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2011-4254 | 1 Realnetworks | 1 Realplayer | 2012-03-07 | 10.0 HIGH | N/A |
| RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted RTSP SETUP request. | |||||
| CVE-2011-4252 | 1 Realnetworks | 1 Realplayer | 2012-03-07 | 9.3 HIGH | N/A |
| The RV10 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via a crafted sample height. | |||||
| CVE-2011-4251 | 1 Realnetworks | 1 Realplayer | 2012-03-07 | 9.3 HIGH | N/A |
| RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted sample size in a RealAudio file. | |||||
| CVE-2011-4248 | 1 Realnetworks | 1 Realplayer | 2012-03-07 | 9.3 HIGH | N/A |
| RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed AAC file. | |||||