Search
59,872 CVEs
CVEs (59,872, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 76–100 of 59,872 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-10027 | NONE | — | 2025-08-20 | AOL Desktop 9.6 contains a buffer overflow vulnerability in its Tool\rich.rct component when parsing .rtx files. By embedding an overly long string in a hyperlink tag, an a… | |
| CVE-2011-10028 | NONE | — | 2025-08-20 | The RealNetworks RealArcade platform includes an ActiveX control (InstallerDlg.dll, version 2.6.0.445) that exposes a method named Exec via the StubbyUtil.ProcessMgr COM ob… | |
| CVE-2011-10029 | NONE | — | 2025-08-20 | Solar FTP Server fails to properly handle format strings passed to the USER command. When a specially crafted string containing format specifiers is sent, the server crashe… | |
| CVE-2011-10030 | NONE | — | 2025-08-20 | Foxit PDF Reader < 4.3.1.0218 exposes a JavaScript API function, createDataObject(), that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedd… | |
| CVE-2011-10031 | NONE | — | 2026-04-22 | Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | |
| CVE-2011-10032 | NONE | — | 2025-08-30 | Sunway ForceControl version 6.1 SP3 and earlier contains a stack-based buffer overflow vulnerability in the SNMP NetDBServer service, which listens on TCP port 2001. The fl… | |
| CVE-2011-10033 | NONE | — | 2025-10-15 | The WordPress plugin is-human <= v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' pa… | |
| CVE-2011-10034 | NONE | — | 2025-11-12 | AUTOMGEN versions up to and including 8.0.0.7 (also referenced as 8.022) contain a vulnerability in that project file handling frees an object and subsequently dereferences… | |
| CVE-2011-10035 | HIGH | Patched | 7.0 | 2025-10-30 | Nagios XI versions prior to 2011R1.9 contain privilege escalation vulnerabilities in the scripts that install or update system crontab entries. Due to time-of-check/time-of… |
| CVE-2011-10036 | MEDIUM | Patched | 5.4 | 2025-10-30 | Nagios XI versions prior to 2011R1.9 are vulnerable to cross-site scripting (XSS) via the handling of the "backend_url" JavaScript link. Insufficient validation or escaping… |
| CVE-2011-10037 | MEDIUM | Patched | 5.4 | 2025-10-30 | Nagios XI versions prior to 2011R1.9 are vulnerable to cross-site scripting (XSS) via the handling of xiwindow variables used to build permalinks in the web interface. Insu… |
| CVE-2011-10038 | MEDIUM | Patched | 5.4 | 2025-10-30 | Nagios XI versions prior to 2011R1.9 are vulnerable to cross-site scripting (XSS) via the recurring downtime script of the web interface. Insufficient validation or escapin… |
| CVE-2011-10039 | MEDIUM | Patched | 5.4 | 2025-10-30 | Nagios XI versions prior to 2011R1.9 are vulnerable to cross-site scripting (XSS) via the Alert Heatmap report and the “My Reports” listing of the web interface. Insufficie… |
| CVE-2011-10040 | MEDIUM | Patched | 5.4 | 2025-10-30 | Nagios XI versions prior to 2011R1.9 are vulnerable to cross-site scripting (XSS) via the link-handling functions used by status and report pages. Insufficient validation o… |
| CVE-2011-10041 | NONE | — | 2026-01-15 | Uploadify WordPress plugin versions up to and including 1.0 contain an arbitrary file upload vulnerability in process_upload.php due to missing file type validation. An una… | |
| CVE-2011-20001 | HIGH | 7.5 | 2025-10-14 | A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family (incl. SIPLUS variants) (All versions < V2.0.3), SIMATIC S7-1200 CPU V2 family (incl. SIPLUS variants) … | |
| CVE-2011-20002 | HIGH | 7.4 | 2025-10-14 | A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family (incl. SIPLUS variants) (All versions < V2.0.2), SIMATIC S7-1200 CPU V2 family (incl. SIPLUS variants) … | |
| CVE-2012-10019 | CRITICAL | Patched | 9.8 | 2025-07-19 | The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the upload.php file in versions before 2.3. This m… |
| CVE-2012-10020 | CRITICAL | Patched | 9.8 | 2025-07-22 | The FoxyPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadify.php file in versions up to, and including, 0… |
| CVE-2012-10021 | CRITICAL | Patched | 9.8 | 2025-07-31 | A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router firmware versions 1.12 and 1.13 via the getAuthCode() function. The flaw ar… |
| CVE-2012-10022 | NONE | — | 2025-08-01 | Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that allow local privilege escalation from uid 48. The lxsuexec binary performs a … | |
| CVE-2012-10023 | CRITICAL | 9.8 | 2025-08-05 | A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. The server fails to properly validate input passed to the USER command, allowing r… | |
| CVE-2012-10024 | NONE | — | 2025-08-05 | XBMC version 11, including builds up to the 2012-11-04 nightly release, contains a path traversal vulnerability in its embedded HTTP server. When accessed via HTTP Basic Au… | |
| CVE-2012-10025 | NONE | — | 2025-08-05 | The WordPress plugin Advanced Custom Fields (ACF) version 3.5.1 and below contains a remote file inclusion (RFI) vulnerability in core/actions/export.php. When the PHP conf… | |
| CVE-2012-10026 | NONE | — | 2025-08-05 | The WordPress plugin Asset-Manager version 2.0 and below contains an unauthenticated arbitrary file upload vulnerability in upload.php. The endpoint fails to properly valid… |