Total
9737 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-1991 | 1 Intra-mart | 1 Webplatform\/appframework | 2024-02-28 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in WebPlatform / AppFramework 6.0 through 7.2 in NTT DATA INTRAMART intra-mart allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
| CVE-2014-0742 | 1 Cisco | 1 Unified Communications Manager | 2024-02-28 | 6.2 MEDIUM | N/A |
| The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464. | |||||
| CVE-2014-2164 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2024-02-28 | 7.8 HIGH | N/A |
| The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCuj94651. | |||||
| CVE-2013-6747 | 1 Ibm | 3 Global Security Kit, Security Directory Server, Tivoli Directory Server | 2024-02-28 | 7.1 HIGH | N/A |
| IBM GSKit 7.x before 7.0.4.48 and 8.x before 8.0.50.16, as used in IBM Security Directory Server (ISDS) and Tivoli Directory Server (TDS), allows remote attackers to cause a denial of service (application crash or hang) via a malformed X.509 certificate chain. | |||||
| CVE-2014-9130 | 1 Pyyaml | 1 Libyaml | 2024-02-28 | 5.0 MEDIUM | N/A |
| scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping. | |||||
| CVE-2012-6656 | 3 Canonical, Debian, Gnu | 3 Ubuntu Linux, Debian Linux, Glibc | 2024-02-28 | 5.0 MEDIUM | N/A |
| iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8. | |||||
| CVE-2013-1946 | 2 Drupal, Restful Web Services Project | 2 Drupal, Restful Web Services | 2024-02-28 | 4.3 MEDIUM | N/A |
| The RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.3 and 7.x-2.x before 7.x-2.0-alpha5 for Drupal, when page caching is enabled and anonymous users are assigned RESTWS permissions, allows remote attackers to cause a denial of service via a GET request with an HTTP Accept header set to a non-HTML type, which can "interfere with Drupal's page cache." | |||||
| CVE-2014-4401 | 1 Apple | 1 Mac Os X | 2024-02-28 | 6.9 MEDIUM | N/A |
| An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, and CVE-2014-4416. | |||||
| CVE-2014-0970 | 1 Ibm | 2 Infosphere Master Data Management Collaboration Server, Infosphere Master Data Management Server For Product Information Management | 2024-02-28 | 3.5 LOW | N/A |
| The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote authenticated users to inject links via unspecified vectors. | |||||
| CVE-2014-2180 | 1 Cisco | 2 Unified Contact Center Enterprise, Unified Contact Center Express Editor Software | 2024-02-28 | 4.0 MEDIUM | N/A |
| The Document Management component in Cisco Unified Contact Center Express does not properly validate a parameter, which allows remote authenticated users to upload files to arbitrary pathnames via a crafted HTTP request, aka Bug ID CSCun74133. | |||||
| CVE-2014-0868 | 1 Ibm | 2 Algo Credit Limits, Algorithmics | 2024-02-28 | 4.9 MEDIUM | N/A |
| RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via a crafted XML document, as demonstrated by manipulation of read-only limit data. | |||||
| CVE-2014-3710 | 3 Canonical, Debian, Php | 3 Ubuntu Linux, Debian Linux, Php | 2024-02-28 | 5.0 MEDIUM | N/A |
| The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file. | |||||
| CVE-2015-0661 | 1 Cisco | 1 Ios Xr | 2024-02-28 | 4.0 MEDIUM | N/A |
| The SNMPv2 implementation in Cisco IOS XR allows remote authenticated users to cause a denial of service (snmpd daemon reload) via a malformed SNMP packet, aka Bug ID CSCur25858. | |||||
| CVE-2015-0633 | 1 Cisco | 19 C200 M1, C200 M2, C210 M2 and 16 more | 2024-02-28 | 6.8 MEDIUM | N/A |
| The Integrated Management Controller (IMC) in Cisco Unified Computing System (UCS) 1.4(7h) and earlier on C-Series servers allows remote attackers to bypass intended access restrictions by sending crafted DHCP response packets on the local network, aka Bug ID CSCuf52876. | |||||
| CVE-2014-3739 | 1 Zenoss | 1 Zenoss | 2024-02-28 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in zport/acl_users/cookieAuthHelper/login_form in Zenoss 4.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the came_from parameter. | |||||
| CVE-2014-2733 | 1 Siemens | 1 Sinema Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Siemens SINEMA Server before 12 SP1 allows remote attackers to cause a denial of service (web-interface outage) via crafted HTTP requests to port (1) 4999 or (2) 80. | |||||
| CVE-2014-5019 | 1 Drupal | 1 Drupal | 2024-02-28 | 5.0 MEDIUM | N/A |
| The multisite feature in Drupal 6.x before 6.32 and 7.x before 7.29 allows remote attackers to cause a denial of service via a crafted HTTP Host header, related to determining which configuration file to use. | |||||
| CVE-2014-2899 | 1 Yassl | 1 Cyassl | 2024-02-28 | 5.0 MEDIUM | N/A |
| wolfSSL CyaSSL before 2.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via (1) a request for the peer certificate when a certificate parsing failure occurs or (2) a client_key_exchange message when the ephemeral key is not found. | |||||
| CVE-2011-2941 | 1 Redhat | 1 Jboss Enterprise Portal Platform | 2024-02-28 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in Red Hat JBoss Enterprise Portal Platform before 5.2.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the initialURI parameter. | |||||
| CVE-2011-4720 | 1 Hillstone Software | 1 Hs Tftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
| Hillstone HS TFTP Server 1.3.2 allows remote attackers to cause a denial of service (daemon crash) via a long filename in a (1) RRQ or (2) WRQ operation. | |||||