Total
9733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-2694 | 1 Wpsymposiumpro | 1 Wp Symposium | 2024-02-28 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in invite.php in the WP Symposium plugin 13.04 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the u parameter. | |||||
| CVE-2013-1883 | 1 Mantisbt | 1 Mantisbt | 2024-02-28 | 5.0 MEDIUM | N/A |
| Mantis Bug Tracker (aka MantisBT) 1.2.12 before 1.2.15 allows remote attackers to cause a denial of service (resource consumption) via a filter using a criteria, text search, and the "any condition" match type. | |||||
| CVE-2014-3306 | 1 Cisco | 9 Dpc3010, Dpc3212, Dpc3825 and 6 more | 2024-02-28 | 10.0 HIGH | N/A |
| The web server on Cisco DPC3010, DPC3212, DPC3825, DPC3925, DPQ3925, EPC3010, EPC3212, EPC3825, and EPC3925 Wireless Residential Gateway products allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCup40808. | |||||
| CVE-2014-2163 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2024-02-28 | 7.8 HIGH | N/A |
| The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCua64961. | |||||
| CVE-2014-1827 | 1 Ithoughts | 1 Ithoughtshd | 2024-02-28 | 4.3 MEDIUM | N/A |
| The iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to upload arbitrary files by placing a %00 sequence after a dangerous extension, as demonstrated by a .html%00.txt file. | |||||
| CVE-2014-4617 | 3 Debian, Gnupg, Opensuse | 3 Debian Linux, Gnupg, Opensuse | 2024-02-28 | 5.0 MEDIUM | N/A |
| The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence. | |||||
| CVE-2014-3487 | 5 Debian, File Project, Opensuse and 2 more | 5 Debian Linux, File, Opensuse and 2 more | 2024-02-28 | 4.3 MEDIUM | N/A |
| The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. | |||||
| CVE-2010-2236 | 1 Redhat | 3 Network Proxy, Satellite, Spacewalk-java | 2024-02-28 | 6.0 MEDIUM | N/A |
| The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 4.0.0 through 4.2.0 and 5.1.0 through 5.3.0, and Proxy 5.3.0, allows remote authenticated users with permissions to administer monitoring probes to execute arbitrary code via unspecified vectors, related to backticks. | |||||
| CVE-2014-3310 | 1 Cisco | 2 Webex Meeting Center, Webex Meetings Server | 2024-02-28 | 4.3 MEDIUM | N/A |
| The File Transfer feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center does not verify that a requested file was an offered file, which allows remote attackers to read arbitrary files via a modified request, aka Bug IDs CSCup62442 and CSCup58463. | |||||
| CVE-2014-3316 | 1 Cisco | 1 Unified Communications Manager | 2024-02-28 | 4.0 MEDIUM | N/A |
| The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297. | |||||
| CVE-2014-7815 | 5 Canonical, Debian, Qemu and 2 more | 12 Ubuntu Linux, Debian Linux, Qemu and 9 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value. | |||||
| CVE-2014-0679 | 1 Cisco | 1 Prime Infrastructure | 2024-02-28 | 9.0 HIGH | N/A |
| Cisco Prime Infrastructure 1.2 and 1.3 before 1.3.0.20-2, 1.4 before 1.4.0.45-2, and 2.0 before 2.0.0.0.294-2 allows remote authenticated users to execute arbitrary commands with root privileges via an unspecified URL, aka Bug ID CSCum71308. | |||||
| CVE-2014-0761 | 1 Qeiinc | 1 Epaq-9410 Substation Gateway | 2024-02-28 | 7.1 HIGH | N/A |
| The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows remote attackers to cause a denial of service (infinite loop or process crash) via a crafted TCP packet. | |||||
| CVE-2013-4286 | 1 Apache | 1 Tomcat | 2024-02-28 | 5.8 MEDIUM | N/A |
| Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header. NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090. | |||||
| CVE-2014-4133 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4137. | |||||
| CVE-2014-7251 | 1 Yokogawa | 1 Fast\/tools | 2024-02-28 | 3.2 LOW | N/A |
| XML external entity (XXE) vulnerability in the WebHMI server in Yokogawa Electric Corporation FAST/TOOLS before R9.05-SP2 allows local users to cause a denial of service (CPU or network traffic consumption) or read arbitrary files via unspecified vectors. | |||||
| CVE-2015-1104 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-02-28 | 5.0 MEDIUM | N/A |
| The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly determine whether an IPv6 packet had a local origin, which allows remote attackers to bypass an intended network-filtering protection mechanism via a crafted packet. | |||||
| CVE-2014-3819 | 1 Juniper | 1 Junos | 2024-02-28 | 7.8 HIGH | N/A |
| Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before 12.3R7, 13.1 before 13.1R4, 13.2 before 13.2R4, 13.3 before 13.3R2, and 14.1 before 14.1R1, when Auto-RP is enabled, allows remote attackers to cause a denial of service (RDP routing process crash and restart) via a malformed PIM packet. | |||||
| CVE-2014-4434 | 1 Apple | 1 Mac Os X | 2024-02-28 | 4.9 MEDIUM | N/A |
| The kernel in Apple OS X before 10.10 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted filename on an HFS filesystem. | |||||
| CVE-2014-3890 | 1 Silex | 2 Sx-2000wg, Sx-2000wg Firmware | 2024-02-28 | 5.0 MEDIUM | N/A |
| silex SX-2000WG devices with firmware before 1.5.4 allow remote attackers to cause a denial of service (connectivity outage) via a crafted IP packet, a different vulnerability than CVE-2014-3889. | |||||