Total
9733 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-5480 | 1 Cisco | 1 Ios | 2024-02-28 | 7.8 HIGH | N/A |
The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka Bug ID CSCuf28733. | |||||
CVE-2013-2822 | 1 Novatech | 6 Orion5 Dnp Master, Orion5 Dnp Slave, Orion5r Dnp Master and 3 more | 2024-02-28 | 4.7 MEDIUM | N/A |
NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow physically proximate attackers to cause a denial of service (driver crash and process restart) via crafted input over a serial line. | |||||
CVE-2013-7000 | 1 Nowsms | 1 Now Sms \& Mms Gateway | 2024-02-28 | 4.3 MEDIUM | N/A |
The Multimedia Messaging Centre (MMSC) in NowSMS Now SMS & MMS Gateway 2013.09.26 allows remote attackers to cause a denial of service via a malformed message to a MM4 connection. | |||||
CVE-2012-3719 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 6.8 MEDIUM | N/A |
Mail in Apple Mac OS X before 10.7.5 does not properly handle embedded web plugins, which allows remote attackers to execute arbitrary plugin code via an e-mail message that triggers the loading of a third-party plugin. | |||||
CVE-2013-3948 | 1 Apple | 1 Iphone Os | 2024-02-28 | 4.3 MEDIUM | N/A |
Apple iOS 6.1.3 does not follow redirects during determination of the hostname to display in an iOS Enterprise Deployment installation dialog, which makes it easier for remote attackers to trigger installation of arbitrary applications via a download-manifest itms-services:// URL that leverages an open redirect vulnerability within a trusted domain. | |||||
CVE-2013-1232 | 1 Cisco | 3 Webex Meetings Server, Webex Node For Asr 1000 Series, Webex Node For Mcs | 2024-02-28 | 5.0 MEDIUM | N/A |
The HTTP implementation in Cisco WebEx Node for MCS, WebEx Meetings Server, and WebEx Node for ASR 1000 Series allows remote attackers to read the contents of uninitialized memory locations via a crafted request, aka Bug IDs CSCue36672, CSCue31363, CSCuf17466, and CSCug61252. | |||||
CVE-2013-1952 | 1 Xen | 1 Xen | 2024-02-28 | 1.9 LOW | N/A |
Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, does not properly check the source when accessing a bridge device's interrupt remapping table entries for MSI interrupts, which allows local guest domains to cause a denial of service (interrupt injection) via unspecified vectors. | |||||
CVE-2013-5580 | 1 Barton | 1 Ngircd | 2024-02-28 | 4.3 MEDIUM | N/A |
The (1) Conn_StartLogin and (2) cb_Read_Resolver_Result functions in conn.c in ngIRCd 18 through 20.2, when the configuration option NoticeAuth is enabled, does not properly handle the return code for the Handle_Write function, which allows remote attackers to cause a denial of service (assertion failure and server crash) via unspecified vectors, related to a "notice auth" message not being sent to a new client. | |||||
CVE-2012-3556 | 1 Opera | 1 Opera Browser | 2024-02-28 | 9.3 HIGH | N/A |
Opera before 11.65 does not properly restrict the opening of a pop-up window in response to the first click of a double-click action, which makes it easier for user-assisted remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary code via a crafted web site. | |||||
CVE-2013-3382 | 1 Cisco | 1 Adaptive Security Appliance | 2024-02-28 | 7.8 HIGH | N/A |
The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload or traffic-processing outage) via fragmented (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCue88387. | |||||
CVE-2013-5472 | 1 Cisco | 2 Ios, Ios Xe | 2024-02-28 | 7.1 HIGH | N/A |
The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer relationship, aka Bug ID CSCuc81226. | |||||
CVE-2013-2250 | 1 Apache | 1 Ofbiz | 2024-02-28 | 10.0 HIGH | N/A |
Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to execute arbitrary Unified Expression Language (UEL) functions via JUEL metacharacters in unspecified parameters, related to nested expressions. | |||||
CVE-2012-2619 | 2 Apple, Broadcom | 3 Iphone Os, Bcm4325, Bcm4329 | 2024-02-28 | 7.8 HIGH | N/A |
The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service (out-of-bounds read and Wi-Fi outage) via an RSN 802.11i information element. | |||||
CVE-2013-1854 | 2 Redhat, Rubyonrails | 3 Enterprise Linux, Rails, Ruby On Rails | 2024-02-28 | 5.0 MEDIUM | N/A |
The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attackers to cause a denial of service via crafted input to a where method. | |||||
CVE-2013-4283 | 1 Fedoraproject | 1 389 Directory Server | 2024-02-28 | 5.0 MEDIUM | N/A |
ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attackers to cause a denial of service (server crash) via a crafted Distinguished Name (DN) in a MOD operation request. | |||||
CVE-2012-0385 | 1 Cisco | 1 Ios | 2024-02-28 | 7.8 HIGH | N/A |
The Smart Install feature in Cisco IOS 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (device reload) by sending a malformed Smart Install message over TCP, aka Bug ID CSCtt16051. | |||||
CVE-2014-0654 | 1 Cisco | 1 Context Directory Agent | 2024-02-28 | 4.3 MEDIUM | N/A |
Cisco Context Directory Agent (CDA) allows remote attackers to modify the cache via a replay attack involving crafted RADIUS accounting messages, aka Bug ID CSCuj45383. | |||||
CVE-2011-1780 | 1 Xen | 1 Xen | 2024-02-28 | 6.1 MEDIUM | N/A |
The instruction emulation in Xen 3.0.3 allows local SMP guest users to cause a denial of service (host crash) by replacing the instruction that causes the VM to exit in one thread with a different instruction in a different thread. | |||||
CVE-2013-6703 | 1 Cisco | 1 Ons 15454 | 2024-02-28 | 7.1 HIGH | N/A |
The TLS/SSLv3 module on Cisco ONS 15454 controller cards allows remote attackers to cause a denial of service (card reset) via crafted (1) TLS or (2) SSLv3 packets, aka Bug ID CSCuh34787. | |||||
CVE-2013-5407 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2024-02-28 | 4.9 MEDIUM | N/A |
IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not properly restrict use of FRAME elements, which allows remote authenticated users to bypass intended access restrictions or obtain sensitive information via a crafted web site, related to a "frame injection" issue. |