257401
|
4.9 |
MEDIUM
|
apple
|
mac_os_x mac_os_x_server
|
Per: http://cwe.mitre.org/data/definitions/476.html
'CWE-476: NULL Pointer Dereference'
|
NVD-CWE-Other
|
CVE-2011-1132
|
2011-10-27 12:23 |
2011-06-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257402
|
2.1 |
LOW
|
apple
|
mac_os_x mac_os_x_server
|
App Store in Apple Mac OS X before 10.6.8 creates a log entry containing a user's AppleID password, which might allow local users to obtain sensitive information by reading a log file, as demonstrate…
|
CWE-200
情報漏えい
|
CVE-2011-0197
|
2011-10-27 12:21 |
2011-06-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257403
|
6.8 |
MEDIUM
|
apple
|
mac_os_x mac_os_x_server
|
Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font.
|
CWE-119
バッファエラー
|
CVE-2011-0198
|
2011-10-27 12:21 |
2011-06-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257404
|
5.0 |
MEDIUM
|
apple
|
mac_os_x_server
|
Absolute path traversal vulnerability in xftpd in the FTP Server component in Apple Mac OS X before 10.6.8 allows remote attackers to list arbitrary directories by using the root directory as the sta…
|
CWE-22
パス・トラバーサル
|
CVE-2011-0203
|
2011-10-27 12:21 |
2011-06-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257405
|
6.8 |
MEDIUM
|
apple
|
imageio mac_os_x mac_os_x_server
|
Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image.
|
CWE-119
バッファエラー
|
CVE-2011-0205
|
2011-10-27 12:21 |
2011-06-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257406
|
5.0 |
MEDIUM
|
apple
|
mac_os_x mac_os_x_server
|
The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartext HTTP session for the Mail application to read e-mail aliases, which allows remote attackers to obtain potentially sensitive ali…
|
CWE-310
暗号の問題
|
CVE-2011-0207
|
2011-10-27 12:21 |
2011-06-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257407
|
6.8 |
MEDIUM
|
apple
|
quicktime mac_os_x mac_os_x_server
|
QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie…
|
CWE-119
バッファエラー
|
CVE-2011-0210
|
2011-10-27 12:21 |
2011-06-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257408
|
6.4 |
MEDIUM
|
apple
|
mac_os_x_server
|
servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumptio…
|
CWE-399
リソース管理の問題
|
CVE-2011-0212
|
2011-10-27 12:21 |
2011-06-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257409
|
5.0 |
MEDIUM
|
citadel
|
citadel
|
modules/xmpp/serv_xmpp.c in Citadel 7.86 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption…
|
CWE-399
リソース管理の問題
|
CVE-2011-1756
|
2011-10-26 13:00 |
2011-06-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257410
|
6.8 |
MEDIUM
|
redhat
|
jboss_enterprise_application_platform jboss_enterprise_soa_platform jboss_seam_2_framework
|
jboss-seam.jar in the JBoss Seam 2 framework 2.2.x and earlier, as distributed in Red Hat JBoss Enterprise SOA Platform 4.3.0.CP04 and 5.1.0 and JBoss Enterprise Application Platform (aka JBoss EAP o…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2011-1484
|
2011-10-26 11:58 |
2011-07-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257411
|
7.4 |
HIGH
|
citrix
|
xen
|
Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to ge…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2011-1898
|
2011-10-26 11:58 |
2011-08-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257412
|
6.8 |
MEDIUM
|
ffmpeg mplayerhq
|
ffmpeg mplayer
|
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via …
|
CWE-119
バッファエラー
|
CVE-2011-0722
|
2011-10-26 11:57 |
2011-05-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257413
|
6.8 |
MEDIUM
|
ffmpeg mplayer
|
ffmpeg mplayer
|
FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed VC-1 file.
|
CWE-399
リソース管理の問題
|
CVE-2011-0723
|
2011-10-26 11:57 |
2011-05-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257414
|
9.3 |
HIGH
|
freetype apple
|
freetype iphone_os
|
Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute …
|
CWE-189
数値処理の問題
|
CVE-2011-0226
|
2011-10-26 11:56 |
2011-07-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257415
|
6.8 |
MEDIUM
|
ffmpeg mplayerhq
|
ffmpeg mplayer
|
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a mal…
|
CWE-119
バッファエラー
|
CVE-2010-3908
|
2011-10-26 11:53 |
2011-05-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257416
|
4.3 |
MEDIUM
|
juniper
|
idp
|
Cross-site scripting (XSS) vulnerability in Appliance Configuration Manager (ACM) in Juniper IDP 4.1 before 4.1r3 and 4.2 before 4.2r1 allows remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2009-5086
|
2011-10-26 11:45 |
2011-09-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257417
|
5.8 |
MEDIUM
|
ffmpeg
|
ffmpeg
|
oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted…
|
CWE-189
数値処理の問題
|
CVE-2009-4632
|
2011-10-26 11:44 |
2010-02-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257418
|
10.0 |
HIGH
|
ffmpeg
|
ffmpeg
|
vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via…
|
CWE-189
数値処理の問題
|
CVE-2009-4633
|
2011-10-26 11:44 |
2010-02-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257419
|
10.0 |
HIGH
|
ffmpeg
|
ffmpeg
|
Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec…
|
CWE-189
数値処理の問題
|
CVE-2009-4634
|
2011-10-26 11:44 |
2010-02-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257420
|
9.3 |
HIGH
|
ffmpeg
|
ffmpeg
|
FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to us…
|
CWE-94
コード・インジェクション
|
CVE-2009-4635
|
2011-10-26 11:44 |
2010-02-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257421
|
4.3 |
MEDIUM
|
ffmpeg
|
ffmpeg
|
FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop.
|
CWE-94
コード・インジェクション
|
CVE-2009-4636
|
2011-10-26 11:44 |
2010-02-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257422
|
4.3 |
MEDIUM
|
ffmpeg
|
ffmpeg
|
The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI file that triggers a divide-by-zero error.
|
CWE-189
数値処理の問題
|
CVE-2009-4639
|
2011-10-26 11:44 |
2010-02-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257423
|
4.3 |
MEDIUM
|
ffmpeg
|
ffmpeg
|
Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read.
|
CWE-189
数値処理の問題
|
CVE-2009-4640
|
2011-10-26 11:44 |
2010-02-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257424
|
6.8 |
MEDIUM
|
simplemachines
|
smf
|
Cross-site request forgery (CSRF) vulnerability in Simple Machines Forum (SMF) 2.x before 2.0.1 allows remote attackers to hijack the authentication of administrators or moderators via vectors involv…
|
CWE-352
同一生成元ポリシー違反
|
CVE-2011-4173
|
2011-10-25 13:00 |
2011-10-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257425
|
9.3 |
HIGH
|
plone zope
|
plone zope
|
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the…
|
NVD-CWE-noinfo
|
CVE-2011-3587
|
2011-10-21 11:56 |
2011-10-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257426
|
5.8 |
MEDIUM
|
adam_kennedy
|
crypt-dsa
|
The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determin…
|
CWE-310
暗号の問題
|
CVE-2011-3599
|
2011-10-21 11:56 |
2011-10-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257427
|
5.0 |
MEDIUM
|
conceptcms
|
conceptcms
|
conceptcms 5.3.1, 5.3.3, and possibly other versions allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error messa…
|
CWE-200
情報漏えい
|
CVE-2011-3720
|
2011-10-21 11:56 |
2011-09-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257428
|
7.8 |
HIGH
|
cisco
|
ios ios_xe
|
The IP Service Level Agreement (IP SLA) functionality in Cisco IOS 15.1, and IOS XE 2.1.x through 3.3.x, allows remote attackers to cause a denial of service (memory corruption and device reload) via…
|
CWE-399
リソース管理の問題
|
CVE-2011-3272
|
2011-10-21 11:55 |
2011-10-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257429
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-1288
|
2011-10-21 11:53 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257430
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-1453
|
2011-10-21 11:53 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257431
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-1457
|
2011-10-21 11:53 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257432
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-1462
|
2011-10-21 11:53 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257433
|
4.3 |
MEDIUM
|
apple
|
quicktime mac_os_x mac_os_x_server
|
The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via vectors involving a cross-site redire…
|
CWE-200
情報漏えい
|
CVE-2011-0187
|
2011-10-21 11:51 |
2011-03-23 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257434
|
6.8 |
MEDIUM
|
apple
|
mac_os_x mac_os_x_server
|
QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office …
|
CWE-119
バッファエラー
|
CVE-2011-0208
|
2011-10-21 11:51 |
2011-06-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257435
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-0218
|
2011-10-21 11:51 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257436
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-0221
|
2011-10-21 11:51 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257437
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-0222
|
2011-10-21 11:51 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257438
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-0225
|
2011-10-21 11:51 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257439
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-0232
|
2011-10-21 11:51 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257440
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-0233
|
2011-10-21 11:51 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257441
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-0234
|
2011-10-21 11:51 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257442
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-0235
|
2011-10-21 11:51 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257443
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-0238
|
2011-10-21 11:51 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257444
|
4.3 |
MEDIUM
|
apple
|
safari webkit
|
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving a URL that contains a username.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2011-0242
|
2011-10-21 11:51 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257445
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-0254
|
2011-10-21 11:51 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257446
|
9.3 |
HIGH
|
apple
|
safari webkit
|
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
バッファエラー
|
CVE-2011-0255
|
2011-10-21 11:51 |
2011-07-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257447
|
6.8 |
MEDIUM
|
apple
|
mac_os_x mac_os_x_server
|
Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microso…
|
CWE-119
バッファエラー
|
CVE-2010-3785
|
2011-10-21 11:48 |
2010-11-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257448
|
6.8 |
MEDIUM
|
apple
|
mac_os_x mac_os_x_server
|
QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Excel file.
|
CWE-119
バッファエラー
|
CVE-2010-3786
|
2011-10-21 11:48 |
2010-11-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257449
|
6.8 |
MEDIUM
|
apple
|
mac_os_x mac_os_x_server
|
QuickLook in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an Excel spreadsheet with a…
|
CWE-119
バッファエラー
|
CVE-2011-0184
|
2011-10-20 13:00 |
2011-03-23 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
257450
|
7.5 |
HIGH
|
mega-nerd
|
libsndfile
|
Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a …
|
CWE-119
バッファエラー
|
CVE-2007-4974
|
2011-10-18 13:00 |
2007-09-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|