Total
9731 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-5394 | 1 Ibm | 1 Websphere Extreme Scale | 2024-02-28 | 4.9 MEDIUM | N/A |
The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to conduct phishing attacks via unspecified vectors. | |||||
CVE-2013-5508 | 1 Cisco | 2 Adaptive Security Appliance Software, Firewall Services Module Software | 2024-02-28 | 7.1 HIGH | N/A |
The SQL*Net inspection engine in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.6), 9.0.x before 9.0(2.10), and 9.1.x before 9.1(2) and Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(27) and 4.x before 4.1(14) allows remote attackers to cause a denial of service (device reload) via crafted segmented Transparent Network Substrate (TNS) packets, aka Bug ID CSCub98434. | |||||
CVE-2012-5049 | 1 Optimalog | 1 Optima Plc | 2024-02-28 | 7.8 HIGH | N/A |
APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | |||||
CVE-2012-0210 | 1 Devscripts Devel Team | 1 Devscripts | 2024-02-28 | 9.3 HIGH | N/A |
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and execute arbitrary code via the file name in a (1) .dsc or (2) .changes file. | |||||
CVE-2013-1441 | 1 Exactcode | 1 Exactimage | 2024-02-28 | 4.3 MEDIUM | N/A |
econvert in ExactImage 0.8.9 and earlier does not properly initialize the setjmp variable, which allows context-dependent users to cause a denial of service (crash) via a crafted image file. | |||||
CVE-2012-3371 | 1 Openstack | 3 Compute, Essex, Folsom | 2024-02-28 | 3.5 LOW | N/A |
The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service (excessive database lookup calls and server hang) via a request with many repeated IDs in the os:scheduler_hints section. | |||||
CVE-2012-4357 | 1 Sielcosistemi | 2 Winlog Lite, Winlog Pro | 2024-02-28 | 9.3 HIGH | N/A |
Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block. | |||||
CVE-2013-2787 | 1 Alstom | 1 E-terracontrol | 2024-02-28 | 7.8 HIGH | N/A |
Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to cause a denial of service (infinite loop) via crafted DNP3 packets. | |||||
CVE-2013-2779 | 1 Cisco | 9 Asr 1001, Asr 1002, Asr 1002-x and 6 more | 2024-02-28 | 7.8 HIGH | N/A |
Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164. | |||||
CVE-2014-0653 | 1 Cisco | 1 Adaptive Security Appliance | 2024-02-28 | 4.3 MEDIUM | N/A |
The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340. | |||||
CVE-2012-6062 | 1 Wireshark | 1 Wireshark | 2024-02-28 | 5.0 MEDIUM | N/A |
The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | |||||
CVE-2012-4222 | 1 Google | 1 Android | 2024-02-28 | 4.3 MEDIUM | N/A |
drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center (QuIC) Graphics KGSL kernel-mode driver for Android 2.3 through 4.2 allows attackers to cause a denial of service (NULL pointer dereference) via an application that uses crafted arguments in a local kgsl_ioctl call. | |||||
CVE-2013-4932 | 1 Wireshark | 1 Wireshark | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
CVE-2013-4390 | 1 Apache | 2 Sling, Sling Auth Core Component | 2024-02-28 | 5.8 MEDIUM | N/A |
Open redirect vulnerability in the AbstractAuthenticationFormServlet in the Auth Core (org.apache.sling.auth.core) bundle before 1.1.4 in Apache Sling allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the resource parameter, related to "a custom login form and XSS." | |||||
CVE-2013-1024 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-02-28 | 6.8 MEDIUM | N/A |
CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly initialize memory during the processing of text tracks, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. | |||||
CVE-2013-3634 | 1 Siemens | 7 Scalance X200-4p Irt, Scalance X200irt Firmware, Scalance X201-3p Irt and 4 more | 2024-02-28 | 7.5 HIGH | N/A |
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions < V5.0.0 for CVE-2013-3633 and versions < V4.5.0 for CVE-2013-3634), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.1.0). The implementation of SNMPv3 does not check the user credentials sufficiently. Therefore, an attacker is able to execute SNMP commands without correct credentials. | |||||
CVE-2012-0167 | 1 Microsoft | 1 Office | 2024-02-28 | 9.3 HIGH | N/A |
Heap-based buffer overflow in the Office GDI+ library in Microsoft Office 2003 SP3 and 2007 SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted EMF image in an Office document, aka "GDI+ Heap Overflow Vulnerability." | |||||
CVE-2013-5478 | 1 Cisco | 2 Ios, Ios Xe | 2024-02-28 | 7.8 HIGH | N/A |
Cisco IOS 15.0 through 15.3 and IOS XE 3.2 through 3.8, when a VRF interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via crafted UDP RSVP packets, aka Bug ID CSCuf17023. | |||||
CVE-2012-1367 | 1 Cisco | 1 Ios | 2024-02-28 | 5.0 MEDIUM | N/A |
The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (Route Processor crash) via a BGP UPDATE message with a modified local-preference (aka LOCAL_PREF) attribute length, aka Bug ID CSCtq06538. | |||||
CVE-2013-1362 | 2 Nagios, Opensuse | 2 Remote Plug In Executor, Opensuse | 2024-02-28 | 7.5 HIGH | N/A |
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash. |