ReportizFlow
Filtered by vendor
Subscriptions
Total
5468 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-4700 | 2 Android, Ubermedia | 2 Android, Ubersocial | 2025-04-11 | N/A |
| The UberMedia UberSocial (com.twidroid) application 7.x before 7.2.4 for Android does not properly protect data, which allows remote attackers to read or modify Twitter information via a crafted application. | ||||
| CVE-2011-4704 | 2 Android, Voxofon | 2 Android, Voxofon | 2025-04-11 | N/A |
| The Voxofon (com.voxofon) application before 2.5.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS information via a crafted application. | ||||
| CVE-2010-3983 | 1 Sap | 1 Businessobjects | 2025-04-11 | N/A |
| CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property. | ||||
| CVE-2013-5165 | 1 Apple | 1 Mac Os X | 2025-04-11 | N/A |
| socketfilterfw in Application Firewall in Apple Mac OS X before 10.9 does not properly implement the --blockApp option, which allows remote attackers to bypass intended access restrictions via a network connection to an application for which blocking was configured. | ||||
| CVE-2011-4939 | 1 Pidgin | 1 Pidgin | 2025-04-11 | N/A |
| The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin before 2.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by changing a nickname while in an XMPP chat room. | ||||
| CVE-2010-4806 | 1 Ibm | 1 Web Content Manager | 2025-04-11 | N/A |
| The authoring tool in IBM Web Content Manager (WCM) 6.1.5, and 7.0.0.1 before CF003, allows remote authenticated users to bypass intended access restrictions on draft creation by leveraging certain resource editor privileges. | ||||
| CVE-2012-0434 | 1 Novell | 1 Suse Cloud | 2025-04-11 | N/A |
| The server in Crowbar, as used in SUSE Cloud 1.0, uses weak permissions for the production.log file, which has unspecified impact and attack vectors. | ||||
| CVE-2011-4769 | 2 360, Android | 2 Mobilesafe, Android | 2025-04-11 | N/A |
| The 360 MobileSafe (com.qihoo360.mobilesafe) application 2.x before 2.3.0 for Android does not properly protect data, which allows remote attackers to read or modify SMS messages and a contact list via a crafted application. | ||||
| CVE-2011-4770 | 2 Android, Qiwi | 2 Android, Wallet | 2025-04-11 | N/A |
| The QIWI Wallet (ru.mw) application before 1.14.2 for Android does not properly protect data, which allows remote attackers to read or modify financial information via a crafted application. | ||||
| CVE-2011-4771 | 2 Android, Lucion | 2 Android, Scan To Pdf Free | 2025-04-11 | N/A |
| The Scan to PDF Free (com.scan.to.pdf.trial) application 2.0.4 for Android does not properly protect data, which allows remote attackers to read or modify scanned files and a Google account via a crafted application. | ||||
| CVE-2011-4773 | 2 Android, Anguanjia | 2 Android, Anguanjia | 2025-04-11 | N/A |
| The AnGuanJia (com.anguanjia.safe) application 2.10.343 for Android does not properly protect data, which allows remote attackers to read or modify SMS messages and a contact list via a crafted application. | ||||
| CVE-2011-4703 | 2 Android, Nathanielkh | 2 Android, Limit My Call | 2025-04-11 | N/A |
| The Limit My Call (com.limited.call.view) application 2.11 for Android does not properly protect data, which allows remote attackers to read or modify call logs and a contact list via a crafted application. | ||||
| CVE-2012-0680 | 1 Apple | 1 Safari | 2025-04-11 | N/A |
| Apple Safari before 6.0 does not properly handle the autocomplete attribute of a password input element, which allows remote attackers to bypass authentication by leveraging an unattended workstation. | ||||
| CVE-2011-4197 | 1 Pfsense | 1 Pfsense | 2025-04-11 | N/A |
| etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 creates each X.509 certificate with a true value for the CA basic constraint, which allows remote attackers to create sub-certificates for arbitrary subjects by leveraging the private key. | ||||
| CVE-2010-5144 | 1 Websense | 3 Websense, Websense Web Filter, Websense Web Security | 2025-04-11 | N/A |
| The ISAPI Filter plug-in in Websense Enterprise, Websense Web Security, and Websense Web Filter 6.3.3 and earlier, when used in conjunction with a Microsoft ISA or Microsoft Forefront TMG server, allows remote attackers to bypass intended filtering and monitoring activities for web traffic via an HTTP Via header. | ||||
| CVE-2011-4861 | 1 Schneider-electric | 3 Quantum Ethernet Module 140noe77100, Quantum Ethernet Module 140noe77101, Quantum Ethernet Module 140noe77111 | 2025-04-11 | N/A |
| The modbus_125_handler function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device (aka the Quantum 140NOE771* module) allows remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502. | ||||
| CVE-2012-0445 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-11 | N/A |
| Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame's name attribute. | ||||
| CVE-2011-4865 | 2 Google, Tencent | 3 Android, Microblogpad, Wblog | 2025-04-11 | N/A |
| The Tencent WBlog (com.tencent.WBlog) 3.3.1 and MicroBlogPad 1.4.0 applications for Android do not properly protect data, which allows remote attackers to read or modify message drafts and search keywords via a crafted application. | ||||
| CVE-2011-4867 | 2 Android, Tencent | 2 Android, Qqpphoto | 2025-04-11 | N/A |
| The Tencent QQPhoto (com.tencent.qqphoto) application 0.97 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a password hash via a crafted application. | ||||
| CVE-2011-5044 | 1 Sopcast | 1 Sopcast | 2025-04-11 | N/A |
| SopCast 3.4.7.45585 uses weak permissions (Everyone:Full Control) for Diagnose.exe, which allows local users to execute arbitrary code by replacing Diagnose.exe with a Trojan horse program. | ||||