Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-2563 | 1 Cisco | 2 Intercompany Media Engine, Unified Communications Manager | 2011-10-05 | 7.8 HIGH | N/A |
Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth26669. | |||||
CVE-2011-2564 | 1 Cisco | 2 Intercompany Media Engine, Unified Communications Manager | 2011-10-05 | 7.8 HIGH | N/A |
Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth19417. | |||||
CVE-2011-2654 | 1 Novell | 1 Cloud Manager | 2011-10-05 | 9.3 HIGH | N/A |
The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls that leverage incorrect privileges associated with a partially initialized session. | |||||
CVE-2011-2945 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2011-10-05 | 9.3 HIGH | N/A |
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted SIPR stream. | |||||
CVE-2011-2946 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2011-10-05 | 10.0 HIGH | N/A |
Unspecified vulnerability in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
CVE-2011-2947 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2011-10-05 | 4.3 MEDIUM | N/A |
Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document. | |||||
CVE-2011-2948 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2011-10-05 | 9.3 HIGH | N/A |
RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted file. | |||||
CVE-2011-2949 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2011-10-05 | 9.3 HIGH | N/A |
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via crafted ID3v2 tags in an MP3 file. | |||||
CVE-2011-2951 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2011-10-05 | 9.3 HIGH | N/A |
Buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.0.0.1569 allows remote attackers to execute arbitrary code via a crafted raw_data_frame field in an AAC file. | |||||
CVE-2011-2952 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2011-10-05 | 9.3 HIGH | N/A |
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via vectors related to a dialog box. | |||||
CVE-2011-2953 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2011-10-05 | 10.0 HIGH | N/A |
An unspecified ActiveX control in the browser plugin in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors, related to an out-of-bounds condition. | |||||
CVE-2011-2954 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2011-10-05 | 9.3 HIGH | N/A |
Use-after-free vulnerability in the AutoUpdate feature in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2011-2955 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2011-10-05 | 9.3 HIGH | N/A |
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via vectors related to a modal dialog. | |||||
CVE-2011-3385 | 2 Lepton-cms, Websitebaker2 | 2 Lepton, Websitebaker | 2011-10-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in WebsiteBaker before 2.8, as used in LEPTON and possibly other products, allows remote attackers to inject arbitrary web script or HTML via unknown vectors, a different vulnerability than CVE-2006-2307. | |||||
CVE-2011-2419 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 10.0 HIGH | N/A |
IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
CVE-2011-2420 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 10.0 HIGH | N/A |
Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
CVE-2011-2421 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
Dirapi.dll in Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir media file. | |||||
CVE-2011-2422 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 10.0 HIGH | N/A |
Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
CVE-2011-2109 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2011-2111 | 1 Adobe | 1 Shockwave Player | 2011-10-04 | 9.3 HIGH | N/A |
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2115 and CVE-2011-2116. |