Total
28562 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1653 | 3 Canonical, Puppet, Puppetlabs | 4 Ubuntu Linux, Puppet, Puppet Enterprise and 1 more | 2024-02-28 | 7.1 HIGH | N/A |
| Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to the "run" REST endpoint is allowed, allows remote authenticated users to execute arbitrary code via a crafted HTTP request. | |||||
| CVE-2012-3263 | 1 Hp | 1 Sitescope | 2024-02-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1465. | |||||
| CVE-2013-1533 | 1 Oracle | 1 Financial Services Software | 2024-02-28 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 3.1.0, 5.1.0, 5.2.0, 5.3.1 through 5.3.3, and 6.0.1 through 12.0.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to BASE. | |||||
| CVE-2012-1689 | 3 Mariadb, Oracle, Redhat | 6 Mariadb, Mysql, Enterprise Linux Desktop and 3 more | 2024-02-28 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | |||||
| CVE-2013-5592 | 1 Mozilla | 1 Firefox | 2024-02-28 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2012-6299 | 1 Ca | 1 Identityminder | 2024-02-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2014-0618 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2024-02-28 | 7.8 HIGH | N/A |
| Juniper Junos before 10.4 before 10.4R16, 11.4 before 11.4R8, 12.1R before 12.1R7, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on SRX Series service gateways, when used as a UAC enforcer and captive portal is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted HTTP message. | |||||
| CVE-2013-0970 | 1 Apple | 1 Mac Os X | 2024-02-28 | 4.3 MEDIUM | N/A |
| Messages in Apple Mac OS X before 10.8.3 allows remote attackers to bypass the FaceTime call-confirmation prompt via a crafted FaceTime: URL. | |||||
| CVE-2012-0516 | 1 Oracle | 1 Sun Products Suite | 2024-02-28 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console. | |||||
| CVE-2014-0408 | 2 Apple, Oracle | 2 Mac Os X, Jre | 2024-02-28 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Oracle Java SE 7u45, when running on OS X, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | |||||
| CVE-2013-4831 | 1 Hp | 1 Service Manager | 2024-02-28 | 5.5 MEDIUM | N/A |
| HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | |||||
| CVE-2012-5089 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2024-02-28 | 7.6 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than CVE-2012-3143. | |||||
| CVE-2013-5837 | 1 Oracle | 1 Industry Applications | 2024-02-28 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Oracle Health Sciences InForm component in Oracle Industry Applications 4.6 SP0, 4.6 SP0a-c, 4.6 SP1, 4.6 SP1a-c, 4.6 SP2, 4.6 SP2a-c, 5.0 SP0, 5.0 SP0a, 5.0 SP1, 5.0 SP1a-b, 5.0.3, and 5.0.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Cognos. | |||||
| CVE-2013-1496 | 1 Sun | 1 Sunos | 2024-02-28 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1498. | |||||
| CVE-2014-0406 | 1 Oracle | 1 Vm Virtualbox | 2024-02-28 | 2.4 LOW | N/A |
| Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0404. | |||||
| CVE-2012-1937 | 1 Mozilla | 5 Firefox, Firefox Esr, Seamonkey and 2 more | 2024-02-28 | 9.3 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2013-3775 | 1 Oracle | 1 Ilearning | 2024-02-28 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows remote attackers to affect integrity via unknown vectors related to Learner Pages. | |||||
| CVE-2013-3770 | 1 Oracle | 1 Fusion Middleware | 2024-02-28 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Server. NOTE: the previous information is from the October 2013 CPU. Oracle has not commented on claims from a third party that the issue is related to "iDoc script injection" in the (1) cs and (2) urm components, which allows attackers to read "sensitive" files, as demonstrated by obtaining the "AES encryption key and encrypted credentials" of the weblogic user. | |||||
| CVE-2014-0435 | 1 Oracle | 1 Supply Chain Products Suite | 2024-02-28 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3, 6.3.1, and 6.3.2 allows remote authenticated users to affect availability via unknown vectors related to Data, Domain & Function Security. | |||||
| CVE-2012-4598 | 1 Mcafee | 2 Epo Mcafee Virtual Technician, Mcafee Virtual Technician | 2024-02-28 | 9.3 HIGH | N/A |
| An unspecified ActiveX control in McAfee Virtual Technician (MVT) before 6.4, and ePO-MVT, allows remote attackers to execute arbitrary code or cause a denial of service (Internet Explorer crash) via a crafted web site. | |||||