Search
Total
27796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1153 | 1 Apprain | 1 Apprain | 2017-08-29 | 6.8 MEDIUM | N/A |
| Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads directory. | |||||
| CVE-2012-3563 | 1 Opera | 1 Opera Browser | 2017-08-29 | 5.0 MEDIUM | N/A |
| Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via a web page that contains invalid character encodings. | |||||
| CVE-2012-2871 | 3 Apple, Google, Xmlsoft | 3 Iphone Os, Chrome, Libxml2 | 2017-08-29 | 6.8 MEDIUM | N/A |
| libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. | |||||
| CVE-2012-3304 | 1 Ibm | 1 Websphere Application Server | 2017-08-29 | 6.8 MEDIUM | N/A |
| The Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hijack sessions via unspecified vectors. | |||||
| CVE-2012-3333 | 1 Ibm | 2 Maximo Asset Management, Smartcloud Control Desk | 2017-08-29 | 4.3 MEDIUM | N/A |
| CRLF injection vulnerability in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted parameter in a URL. | |||||
| CVE-2012-3565 | 1 Opera | 1 Opera Browser | 2017-08-29 | 5.0 MEDIUM | N/A |
| Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted characters in domain names, as demonstrated by "IDNA2008 tests." | |||||
| CVE-2012-3437 | 1 Imagemagick | 1 Imagemagick | 2017-08-29 | 4.3 MEDIUM | N/A |
| The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation. | |||||
| CVE-2012-1065 | 1 2x | 1 Applicationserver | 2017-08-29 | 4.3 MEDIUM | N/A |
| Insecure method vulnerability in TuxScripting.dll in the TuxSystem ActiveX control in 2X ApplicationServer 10.1 Build 1224 allows remote attackers to create or overwrite arbitrary files via the ExportSettings method. | |||||
| CVE-2012-2902 | 2 Joomla, Ryan Demmer | 2 Joomla\!, Joomla Content Editor | 2017-08-29 | 6.0 MEDIUM | N/A |
| Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor (JCE) component before 2.1 for Joomla!, when chunking is set to greater than zero, allows remote authors to execute arbitrary PHP code by uploading a PHP file with a double extension as demonstrated by .jpg.pht. | |||||
| CVE-2012-2406 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2017-08-29 | 9.3 HIGH | N/A |
| RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via a crafted file. | |||||
| CVE-2012-1125 | 2 Kishore Asokan, Wordpress | 2 Kish Guest Posting Plugin, Wordpress | 2017-08-29 | 6.8 MEDIUM | N/A |
| Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin before 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the directory specified by the folder parameter. | |||||
| CVE-2012-2667 | 1 Sensiolabs | 1 Symfony | 2017-08-29 | 4.3 MEDIUM | N/A |
| Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate method and unspecified "database backed session classes." | |||||
| CVE-2012-2939 | 1 Itechscripts | 1 Travelon Express | 2017-08-29 | 6.5 MEDIUM | N/A |
| Multiple unrestricted file upload vulnerabilities in Travelon Express 6.2.2 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension using (1) airline-edit.php, (2) hotel-image-add.php, or (3) hotel-add.php. | |||||
| CVE-2012-3567 | 1 Opera | 1 Opera Browser | 2017-08-29 | 5.0 MEDIUM | N/A |
| Opera before 12.00 Beta allows remote attackers to cause a denial of service (memory consumption or application hang) via an IFRAME element that uses the src="#" syntax to embed a parent document. | |||||
| CVE-2012-3530 | 1 Typo3 | 1 Typo3 | 2017-08-29 | 4.3 MEDIUM | N/A |
| Incomplete blacklist vulnerability in the t3lib_div::quoteJSvalue API function in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to conduct cross-site scripting (XSS) attacks via certain HTML5 JavaScript events. | |||||
| CVE-2012-2735 | 2 Redhat, Trevor Mckay | 2 Enterprise Mrg, Cumin | 2017-08-29 | 4.9 MEDIUM | N/A |
| Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote attackers to hijack web sessions via a crafted session cookie. | |||||
| CVE-2012-2752 | 1 Vmware | 1 Vma | 2017-08-29 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in VMware vMA 4.x and 5.x before 5.0.0.2 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | |||||
| CVE-2012-3568 | 1 Opera | 1 Opera Browser | 2017-08-29 | 5.0 MEDIUM | N/A |
| Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted WebGL content, as demonstrated by a codeflow.org WebGL demo. | |||||
| CVE-2011-4325 | 1 Linux | 1 Linux Kernel | 2017-08-29 | 4.9 MEDIUM | N/A |
| The NFS implementation in Linux kernel before 2.6.31-rc6 calls certain functions without properly initializing certain data, which allows local users to cause a denial of service (NULL pointer dereference and O_DIRECT oops), as demonstrated using diotest4 from LTP. | |||||
| CVE-2012-0204 | 1 Ibm | 3 Infosphere Import Export Manager, Infosphere Information Server, Infosphere Information Server Metabrokers \& Bridges | 2017-08-29 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | |||||
| CVE-2012-0198 | 1 Ibm | 1 Tivoli Provisioning Manager Express For Software Distribution | 2017-08-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allows remote attackers to execute arbitrary code via vectors related to an Asset Information file. | |||||
| CVE-2012-0187 | 1 Ibm | 1 Lotus Expeditor | 2017-08-29 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack allows local users to gain privileges via a Trojan horse DLL in the current working directory. | |||||
| CVE-2012-0133 | 1 Hp | 14 Procurve Switch 5400zl, Procurve Switch 5400zl Management Module, Procurve Switch 5406-44g-poe\+-4sfpzl and 11 more | 2017-08-29 | 3.7 LOW | N/A |
| HP ProCurve 5400 zl switches with certain serial numbers include a compact flash card that contains an unspecified virus, which might allow user-assisted remote attackers to execute arbitrary code on a PC by leveraging manual transfer of this card. | |||||
| CVE-2011-5161 | 1 Open-emr | 1 Openemr | 2017-08-29 | 6.8 MEDIUM | N/A |
| Unrestricted file upload vulnerability in the patient photograph functionality in OpenEMR 4 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the patient directory under documents/. | |||||
| CVE-2011-5157 | 1 Attachmate | 5 Reflection For Hp, Reflection For Ibm, Reflection For Regis Graphics Server and 2 more | 2017-08-29 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Attachmate Reflection before 14.1 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, a related issue to CVE-2011-0107. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2011-5148 | 2 Joomla, Wasen | 2 Joomla\!, Mod Simplefileupload | 2017-08-29 | 6.8 MEDIUM | N/A |
| Multiple incomplete blacklist vulnerabilities in the Simple File Upload (mod_simplefileuploadv1.3) module before 1.3.5 for Joomla! allow remote attackers to execute arbitrary code by uploading a file with a (1) php5, (2) php6, or (3) double (e.g. .php.jpg) extension, then accessing it via a direct request to the file in images/, as exploited in the wild in January 2012. | |||||
| CVE-2011-5101 | 1 Mcafee | 1 Saas Endpoint Protection | 2017-08-29 | 5.0 MEDIUM | N/A |
| The Rumor technology in McAfee SaaS Endpoint Protection before 5.2.4 allows remote attackers to relay e-mail messages via unspecified vectors, as demonstrated by relaying spam. | |||||
| CVE-2011-5069 | 1 Sitracker | 1 Support Incident Tracker | 2017-08-29 | 6.0 MEDIUM | N/A |
| Unrestricted file upload vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in unspecified directory, a different program than CVE-2011-3833. | |||||
| CVE-2011-5051 | 2 Wordpress, Wpsymposium | 2 Wordpress, Wp Symposium | 2017-08-29 | 7.5 HIGH | N/A |
| Multiple unrestricted file upload vulnerabilities in the WP Symposium plugin before 11.12.24 for WordPress allow remote attackers to execute arbitrary code by uploading a file with an executable extension using (1) uploadify/upload_admin_avatar.php or (2) uploadify/upload_profile_avatar.php, then accessing it via a direct request to the file in an unspecified directory inside the webroot. | |||||
| CVE-2011-5009 | 1 3ssoftware | 1 Codesys | 2017-08-29 | 5.0 MEDIUM | N/A |
| The CmpWebServer.dll module in the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to cause a denial of service (NULL pointer dereference) via (1) a crafted Content-Length in an HTTP POST or (2) an invalid HTTP request method. | |||||
| CVE-2011-5005 | 2 Claudio Klingler, Mads Brunn | 2 Quixplorer, T3quixplorer | 2017-08-29 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension using the upload action to index.php, then accessing it via a direct request to the file in an unspecified directory. | |||||
| CVE-2011-4859 | 1 Schneider-electric | 21 M340 Ethernet Module Bmxnoe0100, M340 Ethernet Module Bmxnoe0110, M340 Ethernet Module Bmxp342020 and 18 more | 2017-08-29 | 10.0 HIGH | N/A |
| The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or (c) FTP port. | |||||
| CVE-2011-4854 | 2 Microsoft, Parallels | 3 Windows 2003 Server, Windows Server 2008, Parallels Plesk Panel | 2017-08-29 | 9.3 HIGH | N/A |
| The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not ensure that Content-Type HTTP headers match the corresponding Content-Type data in HTML META elements, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving the get_enabled_product_icon program. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue. | |||||
| CVE-2011-4762 | 1 Parallels | 1 Parallels Plesk Small Business Panel | 2017-08-29 | 10.0 HIGH | N/A |
| Parallels Plesk Small Business Panel 10.2.0 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/app/top-categories-data/ and certain other files. NOTE: it is possible that only clients, not the SmarterStats product, could be affected by this issue. | |||||
| CVE-2011-4761 | 1 Parallels | 1 Parallels Plesk Small Business Panel | 2017-08-29 | 10.0 HIGH | N/A |
| Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving domains/sitebuilder_edit.php and certain other files. NOTE: it is possible that only clients, not the SmarterStats product, could be affected by this issue. | |||||
| CVE-2011-4752 | 1 Smartertools | 1 Smarterstats | 2017-08-29 | 10.0 HIGH | N/A |
| SmarterTools SmarterStats 6.2.4100 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving frmCustomReport.aspx and certain other files. NOTE: it is possible that only clients, not the SmarterStats product, could be affected by this issue. | |||||
| CVE-2011-4856 | 2 Microsoft, Parallels | 3 Windows 2003 Server, Windows Server 2008, Parallels Plesk Panel | 2017-08-29 | 9.3 HIGH | N/A |
| The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving admin/health/parameters and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue. | |||||
| CVE-2011-4408 | 1 Canonical | 1 Ubuntu Linux | 2017-08-29 | 6.8 MEDIUM | N/A |
| The Single Sign On Client (ubuntu-sso-client) for Ubuntu 11.04 and 11.10 does not properly validate SSL certificates when using HTTPS, which allows remote attackers to spoof a server and modify or read sensitive data via a man-in-the-middle (MITM) attack. | |||||
| CVE-2011-4855 | 2 Microsoft, Parallels | 3 Windows 2003 Server, Windows Server 2008, Parallels Plesk Panel | 2017-08-29 | 9.3 HIGH | N/A |
| The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving admin/customer-service-plan/list/reset-search/true/ and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue. | |||||
| CVE-2011-4141 | 1 Rsa | 1 Securid | 2017-08-29 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in EMC RSA SecurID Software Token 4.1 before 4.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Software Token file. | |||||
| CVE-2011-3991 | 1 Ffftp | 1 Ffftp | 2017-08-29 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in FFFTP 1.98a and earlier allows local users to execute arbitrary code via unspecified functions. | |||||
| CVE-2011-3833 | 1 Sitracker | 1 Support Incident Tracker | 2017-08-29 | 6.0 MEDIUM | N/A |
| Unrestricted file upload vulnerability in ftp_upload_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in an unspecified directory. | |||||
| CVE-2011-5032 | 1 Winmount | 1 Winmount | 2017-08-29 | 4.9 MEDIUM | N/A |
| WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted 0x87342000 IOCTL request to the WMDriver device. | |||||
| CVE-2011-3503 | 1 Interactivedata | 1 Esignal | 2017-08-29 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in eSignal 10.6.2425.1208, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse JRS_UT.dll that is located in the same folder as a .quo (QUOTE) file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2011-3430 | 1 Apple | 1 Iphone Os | 2017-08-29 | 9.3 HIGH | N/A |
| The Settings component in Apple iOS before 5, when a configuration profile is used for a locale other than English, does not properly implement localization, which makes it easier for attackers to have an unspecified impact by leveraging incorrect configuration display. | |||||
| CVE-2011-3424 | 1 Tibco | 3 Managed File Transfer Command Center, Managed File Transfer Internet Server, Slingshot | 2017-08-29 | 4.3 MEDIUM | N/A |
| Session fixation vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the server in TIBCO Slingshot before 1.8.1, allows remote attackers to hijack web sessions via unspecified vectors. | |||||
| CVE-2011-3182 | 1 Php | 1 Php | 2017-08-29 | 5.0 MEDIUM | N/A |
| PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10) TSRM/tsrm_win32.c, and (11) the strtotime function. | |||||
| CVE-2011-3138 | 1 Ibm | 2 Tivoli Federated Identity Manager, Tivoli Federated Identity Manager Business Gateway | 2017-08-29 | 5.0 MEDIUM | N/A |
| The LTPA STS module support implementation in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 relies on a static instance of a Java Development Kit (JDK) class, which might allow attackers to bypass LTPA token signature verification by leveraging lack of thread safety. | |||||
| CVE-2012-0216 | 1 Debian | 1 Apache2 | 2017-08-29 | 4.4 MEDIUM | N/A |
| The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server. | |||||
| CVE-2010-5148 | 1 Websense | 2 Websense Web Filter, Websense Web Security | 2017-08-29 | 5.0 MEDIUM | N/A |
| Websense Web Security and Web Filter before 7.1 Hotfix 21 do not set the secure flag for the Encrypted Session (SSL) cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | |||||