Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-4109 | 1 Openssl | 1 Openssl | 2017-08-29 | 9.3 HIGH | N/A |
| Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. | |||||
| CVE-2012-0073 | 1 Oracle | 1 E-business Suite | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Forms component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2012-0074 | 1 Oracle | 1 Peoplesoft Products | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to affect integrity via unknown vectors related to Sales. | |||||
| CVE-2012-0076 | 1 Oracle | 1 Peoplesoft Products | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to ePerformance. | |||||
| CVE-2012-0077 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4, 10.0.2, 10.3.3, 10.3.4, and 10.3.5 allows remote authenticated users to affect integrity, related to WLS-Console. | |||||
| CVE-2012-0078 | 1 Oracle | 1 E-business Suite | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.2 and 12.1.3 allows remote authenticated users to affect confidentiality, related to REST Services (Menu, LOV). | |||||
| CVE-2012-0079 | 1 Oracle | 1 Opensso | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Administration. | |||||
| CVE-2012-0080 | 1 Oracle | 1 Peoplesoft Products | 2017-08-29 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Talent Acquisition Management. | |||||
| CVE-2012-0081 | 1 Oracle | 1 Glassfish Server | 2017-08-29 | 3.7 LOW | N/A |
| Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.1.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Administration. | |||||
| CVE-2012-0082 | 1 Oracle | 1 Database Server | 2017-08-29 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity and availability via unknown vectors. | |||||
| CVE-2012-0083 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5.2, 10.1.3.5.1, 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Search. | |||||
| CVE-2012-0084 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5.2, 10.1.3.5.1, 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote authenticated users to affect integrity via unknown vectors related to Content Server. | |||||
| CVE-2012-0085 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5.2 and 10.1.3.5.1 allows remote attackers to affect integrity via unknown vectors related to Content Server. | |||||
| CVE-2012-0088 | 1 Oracle | 1 Peoplesoft Products | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 8.9, 9.0, and 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Benefits Administration. | |||||
| CVE-2012-0089 | 1 Oracle | 1 Peoplesoft Products | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to ePerformance. | |||||
| CVE-2012-0091 | 1 Oracle | 1 Peoplesoft Products | 2017-08-29 | 2.7 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52.05 allows remote authenticated users to affect integrity and availability via unknown vectors related to Upgrade Change Assistance. | |||||
| CVE-2012-0097 | 1 Sun | 1 Sunos | 2017-08-29 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect confidentiality via unknown vectors related to ksh93 Shell. | |||||
| CVE-2012-0103 | 1 Sun | 1 Sunos | 2017-08-29 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to Kernel. | |||||
| CVE-2012-0104 | 1 Oracle | 1 Glassfish Server | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect availability via unknown vectors related to Web Container. | |||||
| CVE-2012-0128 | 1 Hp | 1 Onboard Administrator | 2017-08-29 | 5.8 MEDIUM | N/A |
| HP Onboard Administrator (OA) before 3.50 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
| CVE-2012-0129 | 1 Hp | 1 Onboard Administrator | 2017-08-29 | 7.6 HIGH | N/A |
| HP Onboard Administrator (OA) before 3.50 allows remote attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-0130 | 1 Hp | 1 Onboard Administrator | 2017-08-29 | 5.0 MEDIUM | N/A |
| HP Onboard Administrator (OA) before 3.50 allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2012-0132 | 2 Hp, Microsoft | 2 Business Availability Center, Windows | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 9.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-0133 | 1 Hp | 14 Procurve Switch 5400zl, Procurve Switch 5400zl Management Module, Procurve Switch 5406-44g-poe\+-4sfpzl and 11 more | 2017-08-29 | 3.7 LOW | N/A |
| HP ProCurve 5400 zl switches with certain serial numbers include a compact flash card that contains an unspecified virus, which might allow user-assisted remote attackers to execute arbitrary code on a PC by leveraging manual transfer of this card. | |||||
| CVE-2012-0135 | 1 Hp | 1 System Management Homepage | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors. | |||||
| CVE-2012-0186 | 1 Ibm | 1 Lotus Expeditor | 2017-08-29 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in the Eclipse Help component in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack allows remote attackers to discover the locations of files via a crafted URL. | |||||
| CVE-2012-0187 | 1 Ibm | 1 Lotus Expeditor | 2017-08-29 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack allows local users to gain privileges via a Trojan horse DLL in the current working directory. | |||||
| CVE-2012-0188 | 1 Ibm | 2 Spss Data Collection, Spss Dimensions | 2017-08-29 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the SetLicenseInfoEx method in an ActiveX control in mraboutb.dll in IBM SPSS Dimensions 5.5 and SPSS Data Collection 5.6, 6.0, and 6.0.1 allows remote attackers to execute arbitrary code via a crafted HTML document. | |||||
| CVE-2012-0189 | 1 Ibm | 1 Spss Samplepower | 2017-08-29 | 9.3 HIGH | N/A |
| Multiple unspecified vulnerabilities in the (1) PrintFile and (2) SaveDoc methods in the VsVIEW6 ActiveX control in VsVIEW6.ocx in IBM SPSS SamplePower 3.0 allow remote attackers to execute arbitrary code via a crafted HTML document. | |||||
| CVE-2012-0190 | 1 Ibm | 2 Spss Data Collection, Spss Dimensions | 2017-08-29 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the Render method in the ExportHTML.ocx ActiveX control in ExportHTML.dll in IBM SPSS Dimensions 5.5 and SPSS Data Collection 5.6, 6.0, and 6.0.1 allows remote attackers to execute arbitrary code via a crafted HTML document. | |||||
| CVE-2012-0191 | 1 Ibm | 1 Lotus Expeditor | 2017-08-29 | 5.0 MEDIUM | N/A |
| The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack does not properly perform access control for requests, which allows remote attackers to spoof a localhost request origin via crafted headers. | |||||
| CVE-2012-0192 | 1 Ibm | 1 Lotus Symphony | 2017-08-29 | 9.3 HIGH | N/A |
| Multiple integer overflows in vclmi.dll in the visual class library module in IBM Lotus Symphony before 3.0.1 might allow remote attackers to execute arbitrary code via an embedded (1) JPEG or (2) PNG image object in a Symphony document that triggers a heap-based buffer overflow, as demonstrated by a .doc file. | |||||
| CVE-2012-0194 | 1 Ibm | 1 Aix | 2017-08-29 | 7.1 HIGH | N/A |
| The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large Send Offload option is enabled, allows remote attackers to cause a denial of service (assertion failure and panic) via an unspecified series of packets. | |||||
| CVE-2012-0198 | 1 Ibm | 1 Tivoli Provisioning Manager Express For Software Distribution | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allows remote attackers to execute arbitrary code via vectors related to an Asset Information file. | |||||
| CVE-2012-0199 | 1 Ibm | 1 Tivoli Provisioning Manager Express For Software Distribution | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allow remote attackers to execute arbitrary SQL commands via (1) a SOAP message to the Printer.getPrinterAgentKey function in the SoapServlet servlet, (2) the User.updateUserValue function in the register.do servlet, (3) the User.isExistingUser function in the logon.do servlet, (4) the Asset.getHWKey function in the CallHomeExec servlet, (5) the Asset.getMimeType function in the getAttachment (aka GetAttachmentServlet) servlet, (6) the addAsset.do servlet, or (7) a crafted EG2 file. | |||||
| CVE-2012-0200 | 1 Ibm | 1 Soliddb | 2017-08-29 | 4.0 MEDIUM | N/A |
| The server in IBM solidDB 6.5 before Interim Fix 6 does not properly initialize data structures, which allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a redundant WHERE condition. | |||||
| CVE-2012-0201 | 1 Ibm | 1 Personal Communications | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before 5.9.8 and 6.0.x before 6.0.4 might allow remote attackers to execute arbitrary code via a long profile string in a WorkStation (aka .ws) file. | |||||
| CVE-2012-0202 | 1 Ibm | 1 Cognos Tm1 | 2017-08-29 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data. | |||||
| CVE-2012-0203 | 1 Ibm | 2 Infosphere Information Server, Infosphere Metadata Workbench | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-0204 | 1 Ibm | 3 Infosphere Import Export Manager, Infosphere Information Server, Infosphere Information Server Metabrokers \& Bridges | 2017-08-29 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | |||||
| CVE-2012-0205 | 1 Ibm | 2 Infosphere Information Server, Infosphere Metadata Workbench | 2017-08-29 | 6.5 MEDIUM | N/A |
| InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly restrict use of the troubleshooting feature, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (workbench outage) via unspecified vectors. | |||||
| CVE-2012-0210 | 1 Devscripts Devel Team | 1 Devscripts | 2017-08-29 | 9.3 HIGH | N/A |
| debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a (1) .dsc or (2) .changes file. | |||||
| CVE-2012-0211 | 1 Devscripts Devel Team | 1 Devscripts | 2017-08-29 | 9.3 HIGH | N/A |
| debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via a crafted tarball file name in the top-level directory of an original (.orig) source tarball of a source package. | |||||
| CVE-2012-0212 | 1 Devscripts Devel Team | 1 Devscripts | 2017-08-29 | 9.3 HIGH | N/A |
| debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacharacters in the file name argument. | |||||
| CVE-2012-0216 | 1 Debian | 1 Apache2 | 2017-08-29 | 4.4 MEDIUM | N/A |
| The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server. | |||||
| CVE-2012-0220 | 1 Ikiwiki | 1 Ikiwiki | 2017-08-29 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin (Plugin/meta.pm) in ikiwiki before 3.20120516 allow remote attackers to inject arbitrary web script or HTML via the (1) author or (2) authorurl meta tags. | |||||
| CVE-2012-0227 | 2 Componentone, Opcsystems | 2 Flexgrid, Opcsystems.net | 2017-08-29 | 9.3 HIGH | N/A |
| Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method. | |||||
| CVE-2012-0253 | 1 Demandmedia | 1 Pluck Sitelife | 2017-08-29 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Demand Media Pluck SiteLife before 5.0.13 allow remote attackers to inject arbitrary web script or HTML via (1) the jsonRequest parameter to Direct/Process, the (2) r or (3) cb parameter to Direct/jsonp.htm, or (4) the cb parameter to sys/jsonp.app/.htm. | |||||
| CVE-2012-0266 | 1 Ntrglobal | 1 Ntr Activex Control | 2017-08-29 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the NTR ActiveX control before 2.0.4.8 allow remote attackers to execute arbitrary code via (1) a long bstrUrl parameter to the StartModule method, (2) a long bstrParams parameter to the Check method, a long bstrUrl parameter to the (3) Download or (4) DownloadModule method during construction of a .ntr pathname, or a long bstrUrl parameter to the (5) Download or (6) DownloadModule method during construction of a URL. | |||||
| CVE-2012-0267 | 1 Ntrglobal | 1 Ntr Activex Control | 2017-08-29 | 9.3 HIGH | N/A |
| The StopModule method in the NTR ActiveX control before 2.0.4.8 allows remote attackers to execute arbitrary code via a crafted lModule parameter that triggers use of an arbitrary memory address as a function pointer. | |||||