Total
28562 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-2558 | 1 Microsoft | 1 Windows 8 | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in Microsoft Windows 8 allows remote attackers to cause a denial of service (reboot) or possibly have unknown other impact via a crafted TrueType Font (TTF) file, as demonstrated by the 120612-69701-01.dmp error report. | |||||
CVE-2012-0571 | 1 Oracle | 1 Financial Services Software | 2024-02-28 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0 through 10.5.0 and 11.0.0 through 11.4.0 allows remote authenticated users to affect integrity via unknown vectors related to Core, a different vulnerability than CVE-2012-0544. | |||||
CVE-2013-1739 | 1 Mozilla | 1 Network Security Services | 2024-02-28 | 5.0 MEDIUM | N/A |
Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure. | |||||
CVE-2013-5870 | 3 Hp, Oracle, Redhat | 11 Hp-ux, Jdk, Jre and 8 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. | |||||
CVE-2012-3257 | 1 Hp | 1 Business Availability Center | 2024-02-28 | 4.6 MEDIUM | N/A |
HP Business Availability Center (BAC) 8.07 allows remote authenticated users to hijack web sessions via unspecified vectors. | |||||
CVE-2013-0353 | 1 Oracle | 3 Enterprise Manager Database Control, Enterprise Manager Grid Control, Enterprise Manager Plugin For Database Control | 2024-02-28 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 allows remote attackers to affect integrity via unknown vectors related to Enterprise Configuration Management. | |||||
CVE-2012-3859 | 1 Netsweeper | 1 Netsweeper | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the WebAdmin Portal in Netsweeper has unknown impact and attack vectors, a different vulnerability than CVE-2012-2446 and CVE-2012-2447. | |||||
CVE-2014-0389 | 1 Oracle | 1 Ilearning | 2024-02-28 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in Oracle iLearning 6.0 allows remote attackers to affect integrity via unknown vectors related to Learner Pages. | |||||
CVE-2012-1997 | 1 Hp | 1 Systems Insight Manager | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-1998. | |||||
CVE-2012-2639 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4940. Reason: This candidate is a reservation duplicate of CVE-2011-4940. Notes: All CVE users should reference CVE-2011-4940 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-2013-2403 | 1 Oracle | 1 Siebel Crm | 2024-02-28 | 3.5 LOW | N/A |
Unspecified vulnerability in the Siebel Enterprise Application Integration component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Web Services, a different vulnerability than CVE-2013-0416. | |||||
CVE-2012-5075 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX. | |||||
CVE-2013-3008 | 1 Ibm | 1 Java | 2024-02-28 | 9.3 HIGH | N/A |
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006. | |||||
CVE-2013-2345 | 1 Hp | 1 Storage Data Protector | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1869. | |||||
CVE-2013-3780 | 1 Oracle | 1 Peoplesoft Products | 2024-02-28 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Saved Search. | |||||
CVE-2013-2868 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-02-28 | 5.0 MEDIUM | N/A |
common/extensions/sync_helper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension changes via unspecified vectors. | |||||
CVE-2012-3120 | 1 Sun | 1 Sunos | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in Oracle Sun Solaris 8 allows remote attackers to affect availability, related to TCP/IP. | |||||
CVE-2012-3923 | 1 Cisco | 1 Ios | 2024-02-28 | 3.5 LOW | N/A |
The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCte41827. | |||||
CVE-2013-2327 | 1 Hp | 1 Storage Data Protector | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1635. | |||||
CVE-2013-4785 | 1 Dell | 1 Idrac6 Firmware | 2024-02-28 | 10.0 HIGH | N/A |
The web interface on the Dell iDRAC6 with firmware before 1.95 allows remote attackers to modify the CLP interface for arbitrary users and possibly have other impact via a request to an unspecified form that is accessible from testurls.html. NOTE: the vendor disputes the significance of this issue, stating "DRAC's are intended to be on a separate management network; they are not designed nor intended to be placed on or connected to the Internet." |