Export limit exceeded: 345788 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345788 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (4046 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0601 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623. | ||||
| CVE-2012-1530 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-04-11 | N/A |
| Heap-based buffer overflow in the XSLT engine in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing an XSL file that triggers memory corruption when the lang function processes XML data with a crafted node-set. | ||||
| CVE-2013-1569 | 3 Oracle, Redhat, Sun | 7 Jdk, Jre, Enterprise Linux and 4 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "checking of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2. | ||||
| CVE-2011-3389 | 9 Canonical, Debian, Google and 6 more | 21 Ubuntu Linux, Debian Linux, Chrome and 18 more | 2025-04-11 | N/A |
| The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. | ||||
| CVE-2013-2419 | 3 Oracle, Redhat, Sun | 7 Jdk, Jre, Enterprise Linux and 4 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "font processing errors" in the International Components for Unicode (ICU) Layout Engine before 51.2. | ||||
| CVE-2013-2426 | 2 Oracle, Redhat | 4 Jdk, Jre, Enterprise Linux and 1 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect invocation of the defaultReadObject method in the ConcurrentHashMap class, which allows remote attackers to bypass the Java sandbox. | ||||
| CVE-2012-5081 | 3 Oracle, Redhat, Sun | 7 Jdk, Jre, Enterprise Linux and 4 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE. | ||||
| CVE-2013-2446 | 3 Oracle, Redhat, Sun | 8 Jdk, Jre, Enterprise Linux and 5 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly enforce access restrictions for CORBA output streams. | ||||
| CVE-2009-3793 | 3 Adobe, Macromedia, Redhat | 4 Air, Flash Player, Flash Player and 1 more | 2025-04-11 | N/A |
| Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory consumption) or possibly execute arbitrary code via unknown vectors. | ||||
| CVE-2011-0593 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0595, and CVE-2011-0600. | ||||
| CVE-2011-2130 | 7 Adobe, Apple, Google and 4 more | 8 Adobe Air, Flash Player, Mac Os X and 5 more | 2025-04-11 | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2134, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415. | ||||
| CVE-2011-2137 | 7 Adobe, Apple, Google and 4 more | 8 Adobe Air, Flash Player, Mac Os X and 5 more | 2025-04-11 | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415. | ||||
| CVE-2011-2414 | 7 Adobe, Apple, Google and 4 more | 8 Adobe Air, Flash Player, Mac Os X and 5 more | 2025-04-11 | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2415. | ||||
| CVE-2011-2415 | 7 Adobe, Apple, Google and 4 more | 8 Adobe Air, Flash Player, Mac Os X and 5 more | 2025-04-11 | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2414. | ||||
| CVE-2014-0491 | 5 Adobe, Apple, Linux and 2 more | 7 Adobe Air, Adobe Air Sdk, Flash Player and 4 more | 2025-04-11 | N/A |
| Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to bypass unspecified protection mechanisms via unknown vectors. | ||||
| CVE-2010-2185 | 3 Adobe, Macromedia, Redhat | 4 Air, Flash Player, Flash Player and 1 more | 2025-04-11 | N/A |
| Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2011-2425 | 7 Adobe, Apple, Google and 4 more | 8 Adobe Air, Flash Player, Mac Os X and 5 more | 2025-04-11 | N/A |
| Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2417. | ||||
| CVE-2013-0620 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, and CVE-2013-0623. | ||||
| CVE-2010-2187 | 3 Adobe, Macromedia, Redhat | 4 Air, Flash Player, Flash Player and 1 more | 2025-04-11 | N/A |
| Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188. | ||||
| CVE-2010-2208 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, dereference a heap object after this object's deletion, which allows attackers to execute arbitrary code via unspecified vectors. | ||||