Search
Total
6314 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3003 | 1 Ibm | 1 Ims Enterprise Suite | 2017-08-29 | 9.0 HIGH | N/A |
| Unspecified vulnerability in SOAP Gateway in IBM IMS Enterprise Suite 1.1, 2.1, and 2.2 allows remote authenticated users to execute arbitrary commands via unknown vectors. | |||||
| CVE-2012-4561 | 1 Libssh | 1 Libssh | 2017-08-29 | 5.0 MEDIUM | N/A |
| The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service (crash) via unspecified vectors. | |||||
| CVE-2012-4033 | 2 Wordpress, Zingiri | 2 Wordpress, Zingiri Web Shop | 2017-08-29 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the Zingiri Web Shop plugin before 2.4.0 for WordPress have unknown impact and attack vectors. | |||||
| CVE-2012-4050 | 2 Google, Samsung | 5 Chrome Os, Cr-48 Chromebook, Chromebox 3 and 2 more | 2017-08-29 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome OS before 21.0.1180.50 on the Cr-48 and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, have unknown impact and attack vectors. | |||||
| CVE-2012-4839 | 1 Ibm | 1 Rational Clearquest | 2017-08-29 | 4.3 MEDIUM | N/A |
| The OSLC interface in the Web Client (aka CQ Web) in IBM Rational ClearQuest 7.1.2.x before 7.1.2.9 and 8.0.0.x before 8.0.0.5 allows remote attackers to conduct phishing attacks via a FRAME element. | |||||
| CVE-2012-4536 | 1 Xen | 1 Xen | 2017-08-29 | 2.1 LOW | N/A |
| The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in Xen 2.2 allows local guest OS administrators to cause a denial of service (Xen crash) via a crafted pirq value that triggers an out-of-bounds read. | |||||
| CVE-2012-6503 | 2 Joomla, Ninjaforge | 2 Joomla\!, Com Ninjaxplorer | 2017-08-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the NinjaXplorer component before 1.0.7 for Joomla! has unknown impact and attack vectors. | |||||
| CVE-2013-0153 | 1 Xen | 1 Xen | 2017-08-29 | 4.7 MEDIUM | N/A |
| The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests. | |||||
| CVE-2013-0154 | 1 Xen | 1 Xen | 2017-08-29 | 1.9 LOW | N/A |
| The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debugging is enabled, allows local PV or HVM guest administrators to cause a denial of service (assertion failure and hypervisor crash) via unspecified vectors related to a hypercall. | |||||
| CVE-2012-5859 | 1 Samsung | 1 Kies Air | 2017-08-29 | 5.0 MEDIUM | N/A |
| Samsung Kies Air 2.1.207051 and 2.1.210161 allows remote attackers to cause a denial of service (crash) via a crafted request to www/apps/KiesAir/jws/ssd.php. | |||||
| CVE-2012-5515 | 1 Xen | 1 Xen | 2017-08-29 | 4.7 MEDIUM | N/A |
| The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value. | |||||
| CVE-2012-4327 | 2 Wordpress, Wpslideshow | 2 Wordpress, Image News Slider | 2017-08-29 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Image News slider plugin before 3.3 for WordPress has unspecified impact and remote attack vectors. | |||||
| CVE-2012-5955 | 1 Ibm | 2 Http Server, Websphere Application Server | 2017-08-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the IBM HTTP Server component 5.3 in IBM WebSphere Application Server (WAS) for z/OS allows remote attackers to execute arbitrary commands via unknown vectors. | |||||
| CVE-2012-5895 | 1 Irods | 1 Irods | 2017-08-29 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in iRODS before 3.1 have unknown impact and attack vectors. | |||||
| CVE-2012-5767 | 1 Ibm | 2 Ts3500 Tape Library, Ts3500 Tape Library Firmware | 2017-08-29 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the web interface on the IBM TS3500 Tape Library with firmware before C260 allows remote authenticated users to gain privileges via unspecified vectors. | |||||
| CVE-2012-5937 | 1 Ibm | 4 Gentran Integration Suite, Sterling B2b Integrator, Sterling File Gateway and 1 more | 2017-08-29 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and Sterling B2B Integrator 5.2, as used in IBM Sterling File Gateway 1.1 through 2.2 and other products, allows remote attackers to execute arbitrary commands via unknown vectors. | |||||
| CVE-2012-5827 | 1 Joomla | 1 Joomla\! | 2017-08-29 | 4.3 MEDIUM | N/A |
| Joomla! 2.5.x before 2.5.8 and 3.0.x before 3.0.2 allows remote attackers to conduct clickjacking attacks via unspecified vectors involving "Inadequate protection." | |||||
| CVE-2012-5230 | 2 Harmistechnology, Joomla | 2 Com Jesubmit, Joomla\! | 2017-08-29 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the JE Story Submit (com_jesubmit) component before 1.9 for Joomla! has unknown impact and attack vectors. | |||||
| CVE-2012-5525 | 1 Xen | 1 Xen | 2017-08-29 | 4.7 MEDIUM | N/A |
| The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read. | |||||
| CVE-2012-5532 | 1 Linux | 1 Linux Kernel | 2017-08-29 | 4.9 MEDIUM | N/A |
| The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2669. | |||||
| CVE-2012-5860 | 1 Oberthur | 1 Id-one Cosmo | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 smart cards makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the generation of non-compliant public keys. | |||||
| CVE-2012-5954 | 1 Ibm | 1 Tivoli Storage Manager For Space Management | 2017-08-29 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows remote attackers to read or modify HSM-managed file system objects via unknown vectors. | |||||
| CVE-2012-5347 | 1 Tinywebgallery | 1 Tinywebgallery | 2017-08-29 | 7.5 HIGH | N/A |
| TinyWebGallery 1.8.3 allows remote attackers to execute arbitrary code via shell metacharacters in the command parameter to (1) inc/filefunctions.inc or (2) info.php. | |||||
| CVE-2012-4830 | 1 Ibm | 1 Websphere Commerce | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 through 7.0.0.6 allows remote attackers to obtain users' personal data via unknown vectors. | |||||
| CVE-2012-5161 | 1 Citrix | 1 Xenapp | 2017-08-29 | 9.3 HIGH | N/A |
| The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-5197 | 1 Condor Project | 1 Condor | 2017-08-29 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to "error checking of system calls." | |||||
| CVE-2012-4859 | 1 Ibm | 1 Tivoli Storage Manager For Space Management | 2017-08-29 | 7.2 HIGH | N/A |
| Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows local users to read or modify file system objects via unknown vectors. | |||||
| CVE-2012-4363 | 4 Adobe, Apple, Linux and 1 more | 4 Acrobat Reader, Mac Os X, Linux Kernel and 1 more | 2017-08-29 | 9.3 HIGH | N/A |
| Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, related to "sixteen more crashes affecting Windows, OS X, or both systems." | |||||
| CVE-2012-5061 | 1 Oracle | 1 Financial Services Software | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, 11.0.0 through 11.4.0, and 12.0.0 allows remote authenticated users to affect confidentiality, related to BASE. | |||||
| CVE-2012-3923 | 1 Cisco | 1 Ios | 2017-08-29 | 3.5 LOW | N/A |
| The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCte41827. | |||||
| CVE-2012-6314 | 1 Citrix | 1 Xendesktop | 2017-08-29 | 5.0 MEDIUM | N/A |
| Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x before 5.6.200, when making changes to the server-side policy that control USB redirection, does not propagate changes to the VDA, which allows authenticated users to retain access to the USB device. | |||||
| CVE-2012-5064 | 1 Oracle | 1 Financial Services Software | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, and 11.0.0 through 11.2.0 allows remote authenticated users to affect confidentiality, related to BASE. | |||||
| CVE-2012-5001 | 1 Hitachi | 1 Jp1\/cm2\/network Node Manager | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Hitachi JP1/Cm2/Network Node Manager i before 09-50-03 allow remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-3802 | 2 Drupal, Peter Pokrivcak | 2 Drupal, Post Affiliate Pro | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Post Affiliate Pro (PAP) module for Drupal allows remote authenticated users to read the commissions of other users via unknown attack vectors. | |||||
| CVE-2012-4328 | 1 Vbulletin | 4 Mapi, Vbulletin, Vbulletin Forum and 1 more | 2017-08-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the MAPI in vBulletin Suite 4.1.2 through 4.1.12, Forum 4.1.2 through 4.1.12, and the MAPI plugin 1.4.3 for vBulletin 3.x has unknown impact and attack vectors. | |||||
| CVE-2012-3816 | 1 Winradius | 1 Winradius | 2017-08-29 | 7.8 HIGH | N/A |
| WinRadius Server 2009 allows remote attackers to cause a denial of service (crash) via a long password in an Access-Request packet. | |||||
| CVE-2012-3157 | 1 Oracle | 1 Financial Services Software | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.0.5, 5.1.0, 5.2.0, 5.3.0 through 5.3.4, 6.0.1, 6.2.0, and 12 allows remote authenticated users to affect integrity, related to BASE. | |||||
| CVE-2012-3152 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Report Server Component. NOTE: the previous information is from the October 2012 CPU. Oracle has not commented on claims from the original researcher that the URLPARAMETER functionality allows remote attackers to read and upload arbitrary files to reports/rwservlet, and that this issue occurs in earlier versions. NOTE: this can be leveraged with CVE-2012-3153 to execute arbitrary code by uploading a .jsp file. | |||||
| CVE-2012-1685 | 1 Oracle | 1 Virtualization | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 allows remote attackers to affect integrity via unknown vectors related to Core. | |||||
| CVE-2012-3130 | 1 Sun | 1 Sunos | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect integrity via unknown vectors related to pkg.depotd. | |||||
| CVE-2012-3526 | 2 Apache, Thomas Eibner | 2 Http Server, Mod Rpaf | 2017-08-29 | 5.0 MEDIUM | N/A |
| The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request. | |||||
| CVE-2012-3566 | 1 Opera | 1 Opera Browser | 2017-08-29 | 4.3 MEDIUM | N/A |
| Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (application hang) via JavaScript code that changes a form before submission. | |||||
| CVE-2012-3121 | 1 Sun | 1 Sunos | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows remote attackers to affect availability via unknown vectors related to in.tnamed and NameServer. | |||||
| CVE-2012-3120 | 1 Sun | 1 Sunos | 2017-08-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 8 allows remote attackers to affect availability, related to TCP/IP. | |||||
| CVE-2012-1655 | 2 Drupal, Sven Decabooter | 2 Drupal, Uc Paydutchgroup \/ Wedeal Payment | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the UC PayDutchGroup / WeDeal payment module 6.x-1.0 for Drupal allows remote authenticated users to obtain account credentials via unknown attack vectors. | |||||
| CVE-2012-3126 | 1 Oracle | 1 Sun Products Suite | 2017-08-29 | 6.2 MEDIUM | N/A |
| Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Products Suite 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Apache Tomcat Agent. | |||||
| CVE-2012-3124 | 1 Sun | 1 Sunos | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect availability, related to Kernel/KSSL. | |||||
| CVE-2012-1687 | 1 Sun | 1 Sunos | 2017-08-29 | 5.6 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability, related to Logical Domains (LDOM). | |||||
| CVE-2012-3122 | 1 Sun | 1 Sunos | 2017-08-29 | 2.6 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 8 and 9 allows local users to affect confidentiality and integrity via unknown vectors related to sort. | |||||
| CVE-2012-3088 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2017-08-29 | 9.3 HIGH | N/A |
| Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and 3.2.x, does not check whether an HTTP request originally contains ScanSafe headers, which allows remote attackers to have an unspecified impact via a crafted request, aka Bug ID CSCua13166. | |||||