Total
640 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-4609 | 12 Bsd, Bsdi, Cisco and 9 more | 22 Bsd, Bsd Os, Catalyst Blade Switch 3020 and 19 more | 2022-12-14 | 7.1 HIGH | N/A |
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. | |||||
CVE-2013-3900 | 1 Microsoft | 13 Windows 10, Windows 11, Windows 7 and 10 more | 2022-11-02 | 7.6 HIGH | N/A |
The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during Authenticode signature verification, which allows remote attackers to execute arbitrary code via a crafted PE file, aka "WinVerifyTrust Signature Validation Vulnerability." | |||||
CVE-2014-9748 | 3 Libuv, Microsoft, Nodejs | 4 Libuv, Windows Server 2003, Windows Xp and 1 more | 2022-08-12 | 6.8 MEDIUM | 8.1 HIGH |
The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race condition. | |||||
CVE-2011-2001 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-03-01 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual Function Table Corruption Remote Code Execution Vulnerability." | |||||
CVE-2012-0171 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-03-01 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code Execution Vulnerability." | |||||
CVE-2012-0168 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-03-01 | 7.6 HIGH | N/A |
Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document that is not properly handled during a "Print table of links" print operation, aka "Print Feature Remote Code Execution Vulnerability." | |||||
CVE-2012-0011 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-03-01 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "HTML Layout Remote Code Execution Vulnerability." | |||||
CVE-2012-0010 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-03-01 | 4.3 MEDIUM | N/A |
Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability." | |||||
CVE-2011-3404 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-03-01 | 4.3 MEDIUM | N/A |
Microsoft Internet Explorer 6 through 9 does not properly use the Content-Disposition HTTP header to control rendering of the HTTP response body, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Content-Disposition Information Disclosure Vulnerability." | |||||
CVE-2011-1992 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-03-01 | 4.3 MEDIUM | N/A |
The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different (1) domain or (2) zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability." | |||||
CVE-2011-2000 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Body Element Remote Code Execution Vulnerability." | |||||
CVE-2011-1999 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability." | |||||
CVE-2011-1996 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Option Element Remote Code Execution Vulnerability." | |||||
CVE-2011-1995 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability." | |||||
CVE-2011-1993 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Scroll Event Remote Code Execution Vulnerability." | |||||
CVE-2011-1960 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-02-28 | 4.3 MEDIUM | N/A |
Microsoft Internet Explorer 6 through 9 does not properly implement JavaScript event handlers, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified script code, aka "Event Handlers Information Disclosure Vulnerability." | |||||
CVE-2011-1964 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Style Object Memory Corruption Vulnerability." | |||||
CVE-2011-1963 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-02-28 | 9.3 HIGH | N/A |
Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "XSLT Memory Corruption Vulnerability." | |||||
CVE-2011-1962 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-02-28 | 4.3 MEDIUM | N/A |
Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences, which allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site that triggers "inactive filtering," aka "Shift JIS Character Encoding Vulnerability." | |||||
CVE-2011-1961 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2022-02-28 | 9.3 HIGH | N/A |
The telnet URI handler in Microsoft Internet Explorer 6 through 9 does not properly launch the handler application, which allows remote attackers to execute arbitrary programs via a crafted web site, aka "Telnet Handler Remote Code Execution Vulnerability." |