Search
Total
21119 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-2167 | 1 Ibm | 2 Xiv Storage System Gen3, Xiv Storage System Gen3 Firmware | 2017-08-29 | 7.8 HIGH | N/A |
| The IBM XIV Storage System Gen3 before 11.1.0.a allows remote attackers to cause a denial of service (device outage) via TCP packets to unspecified ports. | |||||
| CVE-2012-2074 | 2 Drupal, Ubercart Views Project | 2 Drupal, Uc Views | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in certain default views in the Ubercart Views module 6.x before 6.x-3.2 for Drupal allows remote attackers to obtain sensitive information via unknown attack vectors. | |||||
| CVE-2012-2067 | 2 Ckeditor, Drupal | 3 Ckeditor, Fckeditor, Drupal | 2017-08-29 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the CKeditor module 6.x-2.x before 6.x-2.3 and the CKEditor module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.7 for Drupal, when the core PHP module is enabled, allows remote authenticated users or remote attackers to execute arbitrary PHP code via the text parameter to a text filter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-2048 | 1 Adobe | 1 Coldfusion | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2012-1764 | 1 Oracle | 1 Peoplesoft Products | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect integrity, related to MCF. | |||||
| CVE-2012-1754 | 1 Oracle | 1 Siebel Crm | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Framework, a different vulnerability than CVE-2012-1732. | |||||
| CVE-2012-1753 | 1 Oracle | 1 Peoplesoft Products | 2017-08-29 | 5.4 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to PC. | |||||
| CVE-2012-1752 | 1 Sun | 1 Sunos | 2017-08-29 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability, related to Kernel/NFS. | |||||
| CVE-2012-2748 | 1 Joomla | 1 Joomla\! | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to obtain sensitive information via vectors related to "Inadequate filtering" and a "SQL error." | |||||
| CVE-2012-1655 | 2 Drupal, Sven Decabooter | 2 Drupal, Uc Paydutchgroup \/ Wedeal Payment | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the UC PayDutchGroup / WeDeal payment module 6.x-1.0 for Drupal allows remote authenticated users to obtain account credentials via unknown attack vectors. | |||||
| CVE-2012-3157 | 1 Oracle | 1 Financial Services Software | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.0.5, 5.1.0, 5.2.0, 5.3.0 through 5.3.4, 6.0.1, 6.2.0, and 12 allows remote authenticated users to affect integrity, related to BASE. | |||||
| CVE-2012-1107 | 1 Scott Wheeler | 1 Taglib | 2017-08-29 | 4.3 MEDIUM | N/A |
| The analyzeCurrent function in ape/apeproperties.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted sampleRate in an ape file, which triggers a divide-by-zero error. | |||||
| CVE-2012-1085 | 1 Typo3 | 2 Beuserswitch, Typo3 | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the BE User Switch (beuserswitch) extension 0.0.1 for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2012-1079 | 2 Helmut Hummel, Typo3 | 2 Typo3 Webservice, Typo3 | 2017-08-29 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Webservices for TYPO3 (typo3_webservice) extension before 0.3.8 for TYPO3 allows remote authenticated users to execute arbitrary code via unknown vectors. | |||||
| CVE-2012-1009 | 1 Netsarang | 2 Xlpd, Xmanager Enterprise | 2017-08-29 | 5.0 MEDIUM | N/A |
| NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote attackers to cause a denial of service (daemon crash) via a malformed LPD request. | |||||
| CVE-2012-1738 | 1 Oracle | 2 Iplanet Web Server, Sun Products Suite Java System Web Server | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite Java System Web Server 6.1 and Oracle iPlanet Web Server 7.0 allows remote attackers to affect availability via unknown vectors related to Web Server. | |||||
| CVE-2012-1739 | 1 Oracle | 1 E-business Suite | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Financials Business Intelligence. | |||||
| CVE-2012-1685 | 1 Oracle | 1 Virtualization | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 allows remote attackers to affect integrity via unknown vectors related to Core. | |||||
| CVE-2012-0925 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2017-08-29 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RV40 RealVideo video stream. | |||||
| CVE-2012-1687 | 1 Sun | 1 Sunos | 2017-08-29 | 5.6 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability, related to Logical Domains (LDOM). | |||||
| CVE-2012-3153 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Servlet. NOTE: the previous information is from the October 2012 CPU. Oracle has not commented on claims from the original researcher that the PARSEQUERY function allows remote attackers to obtain database credentials via reports/rwservlet/parsequery, and that this issue occurs in earlier versions. NOTE: this can be leveraged with CVE-2012-3152 to execute arbitrary code by uploading a .jsp file. | |||||
| CVE-2012-3152 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Report Server Component. NOTE: the previous information is from the October 2012 CPU. Oracle has not commented on claims from the original researcher that the URLPARAMETER functionality allows remote attackers to read and upload arbitrary files to reports/rwservlet, and that this issue occurs in earlier versions. NOTE: this can be leveraged with CVE-2012-3153 to execute arbitrary code by uploading a .jsp file. | |||||
| CVE-2012-3088 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2017-08-29 | 9.3 HIGH | N/A |
| Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and 3.2.x, does not check whether an HTTP request originally contains ScanSafe headers, which allows remote attackers to have an unspecified impact via a crafted request, aka Bug ID CSCua13166. | |||||
| CVE-2012-3130 | 1 Sun | 1 Sunos | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect integrity via unknown vectors related to pkg.depotd. | |||||
| CVE-2012-3111 | 1 Oracle | 1 Peoplesoft Products | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect integrity, related to TECH, a different vulnerability than CVE-2012-1762. | |||||
| CVE-2012-3112 | 1 Sun | 1 Sunos | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Solaris Management Console. | |||||
| CVE-2012-1750 | 1 Sun | 1 Sunos | 2017-08-29 | 4.4 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to mailx. | |||||
| CVE-2012-3113 | 1 Oracle | 1 Peoplesoft Products | 2017-08-29 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0.20 allows remote authenticated users to affect confidentiality and integrity, related to EPERF. | |||||
| CVE-2012-3114 | 1 Oracle | 1 Supply Chain Products Suite | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2012-3115 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1, 11.1.1.5, and 11.1.1.6 allows remote attackers to affect integrity via unknown vectors related to Install. | |||||
| CVE-2012-3145 | 1 Oracle | 1 Financial Services Software | 2017-08-29 | 1.5 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.0.5, 5.1.0, 5.2.0, 5.3.0 through 5.3.4, and 6.2.0 allows local users to affect confidentiality, related to BASE. | |||||
| CVE-2012-1749 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1 and 11.1.1.5 allows remote attackers to affect confidentiality via unknown vectors related to Oracle Maps. | |||||
| CVE-2012-1736 | 1 Oracle | 1 Fusion Middleware | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1 allows remote attackers to affect confidentiality via unknown vectors related to Oracle Maps. | |||||
| CVE-2012-3142 | 1 Oracle | 1 Financial Services Software | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.5, 5.1.0, 5.2.0, and 5.3.0 through 5.3.4 allows remote authenticated users to affect confidentiality, related to BASE. | |||||
| CVE-2012-3141 | 1 Oracle | 1 Financial Services Software | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, and 11.0.0 through 11.2.0 allows remote authenticated users to affect integrity, related to BASE, a different vulnerability than CVE-2012-3227. | |||||
| CVE-2012-1737 | 1 Oracle | 2 Database Server, Enterprise Manager Grid Control | 2017-08-29 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Enterprise Manager Grid Control EM Base Platform 10.2.0.5, EM Base Platform 11.1.0.1, EM Plugin for DB 12.1.0.1, and EM Plugin for DB 12.1.0.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to DB Performance Advisories/UIs. | |||||
| CVE-2012-1727 | 1 Oracle | 1 E-business Suite | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Document Repository. | |||||
| CVE-2012-3269 | 1 Hp | 1 Performance Insight | 2017-08-29 | 7.5 HIGH | N/A |
| Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-3270. | |||||
| CVE-2012-3227 | 1 Oracle | 1 Financial Services Software | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, and 11.0.0 through 11.2.0 allows remote authenticated users to affect integrity, related to BASE, a different vulnerability than CVE-2012-3141. | |||||
| CVE-2012-3223 | 1 Oracle | 1 Financial Services Software | 2017-08-29 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.0.5, 5.1.0, 5.2.0, 5.3.0 through 5.3.4, and 6.0.1 allows remote authenticated users to affect confidentiality, related to BASE. | |||||
| CVE-2012-3330 | 1 Ibm | 1 Websphere Application Server | 2017-08-29 | 5.0 MEDIUM | N/A |
| The proxy server in IBM WebSphere Application Server 7.0 before 7.0.0.27, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1, and WebSphere Virtual Enterprise, allows remote attackers to cause a denial of service (daemon outage) via a crafted request. | |||||
| CVE-2012-3228 | 1 Oracle | 1 Financial Services Software | 2017-08-29 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.0.5, 5.1.0, 5.2.0, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affect integrity and availability, related to BASE. | |||||
| CVE-2012-3224 | 1 Oracle | 1 Financial Services Software | 2017-08-29 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.1.0, 5.2.0, and 5.3.0 through 5.3.4 allows remote authenticated users to affect confidentiality, related to BASE. | |||||
| CVE-2012-3580 | 1 Symantec | 1 Messaging Gateway | 2017-08-29 | 7.7 HIGH | N/A |
| Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface. | |||||
| CVE-2012-3298 | 1 Ibm | 1 Websphere Commerce | 2017-08-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the REST services framework in IBM WebSphere Commerce 7.0 Feature Pack 4 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors. | |||||
| CVE-2012-3258 | 1 Hp | 1 Operations Orchestration | 2017-08-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2012-3566 | 1 Opera | 1 Opera Browser | 2017-08-29 | 4.3 MEDIUM | N/A |
| Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (application hang) via JavaScript code that changes a form before submission. | |||||
| CVE-2012-3259 | 1 Hp | 1 Sitescope | 2017-08-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461. | |||||
| CVE-2012-3267 | 1 Hp | 1 Network Node Manager I | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.20 allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2012-3564 | 1 Opera | 1 Opera Browser | 2017-08-29 | 5.0 MEDIUM | N/A |
| Opera before 12.00 Beta allows remote attackers to cause a denial of service (application hang) via an absolutely positioned wrap=off TEXTAREA element located next to an "overflow: auto" block element. | |||||