Total
9733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-2754 | 2 Debian, Gaia-gis | 2 Debian Linux, Freexl | 2024-02-28 | 6.8 MEDIUM | N/A |
| FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF." | |||||
| CVE-2014-2514 | 1 Emc | 1 Documentum Content Server | 2024-02-28 | 8.2 HIGH | N/A |
| EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, 7.0 before P15, and 7.1 before P06 does not properly check authorization and does not properly restrict object types, which allows remote authenticated users to run save RPC commands with super-user privileges, and consequently execute arbitrary code, via unspecified vectors. | |||||
| CVE-2013-3606 | 1 Dell | 3 Powerconnect 3348, Powerconnect 3524p, Powerconnect 5324 | 2024-02-28 | 7.8 HIGH | N/A |
| The login page in the GoAhead web server on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and 5324 2.0.1.4 switches allows remote attackers to cause a denial of service (device outage) via a long username. | |||||
| CVE-2014-0730 | 1 Cisco | 1 Unified Computing System Central Software | 2024-02-28 | 6.8 MEDIUM | N/A |
| Cisco Unified Computing System (UCS) Central Software 1.1 and earlier allows local users to gain privileges via a CLI copy command in a local-mgmt context, aka Bug ID CSCul53128. | |||||
| CVE-2012-3399 | 1 Artis.imag | 1 Basilic | 2024-02-28 | 7.5 HIGH | N/A |
| Config/diff.php in Basilic 1.5.14 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter. | |||||
| CVE-2012-2697 | 1 Redhat | 1 Enterprise Linux | 2024-02-28 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in autofs, as used in Red Hat Enterprise Linux (RHEL) 5, allows local users to cause a denial of service (autofs crash and delayed mounts) or prevent "mount expiration" via unspecified vectors related to "using an LDAP-based automount map." | |||||
| CVE-2012-2493 | 4 Apple, Cisco, Linux and 1 more | 4 Mac Os X, Anyconnect Secure Mobility Client, Linux Kernel and 1 more | 2024-02-28 | 9.3 HIGH | N/A |
| The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug ID CSCtw47523. | |||||
| CVE-2013-1584 | 1 Wireshark | 1 Wireshark | 2024-02-28 | 2.9 LOW | N/A |
| The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | |||||
| CVE-2012-5647 | 1 Redhat | 2 Openshift, Openshift Origin | 2024-02-28 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the PATH_INFO. | |||||
| CVE-2013-0699 | 1 Galilmc | 1 Rio-47100 Plc | 2024-02-28 | 7.1 HIGH | N/A |
| The Galil RIO-47100 Pocket PLC allows remote attackers to cause a denial of service via a session that includes "repeated requests." | |||||
| CVE-2012-2368 | 1 Bytemark | 1 Symbiosis | 2024-02-28 | 5.0 MEDIUM | N/A |
| Bytemark Symbiosis before Revision 1322 does not properly validate passwords, which allows remote attackers to gain access to email accounts via an arbitrary password. | |||||
| CVE-2013-7271 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 4.9 MEDIUM | N/A |
| The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. | |||||
| CVE-2012-2321 | 1 Connman | 1 Connman | 2024-02-28 | 10.0 HIGH | N/A |
| The loopback plug-in in ConnMan before 0.85 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) host name or (2) domain name in a DHCP reply. | |||||
| CVE-2013-1321 | 1 Microsoft | 1 Publisher | 2024-02-28 | 9.3 HIGH | N/A |
| Microsoft Publisher 2003 SP3 does not properly check the data type of an unspecified return value, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Validation Vulnerability." | |||||
| CVE-2013-3378 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2024-02-28 | 7.8 HIGH | N/A |
| Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (temporary device hang) via crafted SIP packets, aka Bug ID CSCuf89557. | |||||
| CVE-2012-5825 | 1 Tweepy | 1 Tweepy | 2024-02-28 | 5.8 MEDIUM | N/A |
| Tweepy does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the Python httplib library. | |||||
| CVE-2013-5605 | 1 Mozilla | 1 Network Security Services | 2024-02-28 | 7.5 HIGH | N/A |
| Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets. | |||||
| CVE-2011-3095 | 1 Google | 1 Chrome | 2024-02-28 | 10.0 HIGH | N/A |
| The OGG container in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. | |||||
| CVE-2012-2877 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-02-28 | 5.0 MEDIUM | N/A |
| The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | |||||
| CVE-2013-6368 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-02-28 | 6.2 MEDIUM | N/A |
| The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address. | |||||