Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Total 210374 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-2563 1 Cisco 2 Intercompany Media Engine, Unified Communications Manager 2011-10-05 7.8 HIGH N/A
Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth26669.
CVE-2011-2564 1 Cisco 2 Intercompany Media Engine, Unified Communications Manager 2011-10-05 7.8 HIGH N/A
Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth19417.
CVE-2011-2654 1 Novell 1 Cloud Manager 2011-10-05 9.3 HIGH N/A
The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls that leverage incorrect privileges associated with a partially initialized session.
CVE-2011-2945 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-10-05 9.3 HIGH N/A
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted SIPR stream.
CVE-2011-2946 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-10-05 10.0 HIGH N/A
Unspecified vulnerability in an ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2011-2947 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-10-05 4.3 MEDIUM N/A
Cross-zone scripting vulnerability in the RealPlayer ActiveX control in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to inject arbitrary web script or HTML in the Local Zone via a local HTML document.
CVE-2011-2948 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-10-05 9.3 HIGH N/A
RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted file.
CVE-2011-2949 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-10-05 9.3 HIGH N/A
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via crafted ID3v2 tags in an MP3 file.
CVE-2011-2951 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-10-05 9.3 HIGH N/A
Buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.0.0.1569 allows remote attackers to execute arbitrary code via a crafted raw_data_frame field in an AAC file.
CVE-2011-2952 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-10-05 9.3 HIGH N/A
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via vectors related to a dialog box.
CVE-2011-2953 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-10-05 10.0 HIGH N/A
An unspecified ActiveX control in the browser plugin in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors, related to an out-of-bounds condition.
CVE-2011-2954 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-10-05 9.3 HIGH N/A
Use-after-free vulnerability in the AutoUpdate feature in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2011-2955 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-10-05 9.3 HIGH N/A
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via vectors related to a modal dialog.
CVE-2011-3385 2 Lepton-cms, Websitebaker2 2 Lepton, Websitebaker 2011-10-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in WebsiteBaker before 2.8, as used in LEPTON and possibly other products, allows remote attackers to inject arbitrary web script or HTML via unknown vectors, a different vulnerability than CVE-2006-2307.
CVE-2011-2419 1 Adobe 1 Shockwave Player 2011-10-04 10.0 HIGH N/A
IML32.dll in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2011-2420 1 Adobe 1 Shockwave Player 2011-10-04 10.0 HIGH N/A
Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2011-2421 1 Adobe 1 Shockwave Player 2011-10-04 9.3 HIGH N/A
Dirapi.dll in Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir media file.
CVE-2011-2422 1 Adobe 1 Shockwave Player 2011-10-04 10.0 HIGH N/A
Textra.x32 in Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2011-2109 1 Adobe 1 Shockwave Player 2011-10-04 9.3 HIGH N/A
Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.
CVE-2011-2111 1 Adobe 1 Shockwave Player 2011-10-04 9.3 HIGH N/A
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2115 and CVE-2011-2116.