Total
28516 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-0835 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Geolocation implementation in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (application crash) via unknown vectors. | |||||
CVE-2012-4305 | 1 Oracle | 1 Javafx | 2024-02-28 | 9.3 HIGH | N/A |
Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that the issue allows remote attackers to execute arbitrary code via vectors related to an "invalid type cast" and exposed native methods in the T2KGlyph class. | |||||
CVE-2011-1936 | 1 Xen | 1 Xen | 2024-02-28 | 4.6 MEDIUM | N/A |
Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause a denial of service (guest crash) via unspecified vectors. | |||||
CVE-2012-5827 | 1 Joomla | 1 Joomla\! | 2024-02-28 | 4.3 MEDIUM | N/A |
Joomla! 2.5.x before 2.5.8 and 3.0.x before 3.0.2 allows remote attackers to conduct clickjacking attacks via unspecified vectors involving "Inadequate protection." | |||||
CVE-2011-3347 | 1 Redhat | 1 Enterprise Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
A certain Red Hat patch to the be2net implementation in the kernel package before 2.6.32-218.el6 on Red Hat Enterprise Linux (RHEL) 6, when promiscuous mode is enabled, allows remote attackers to cause a denial of service (system crash) via non-member VLAN packets. | |||||
CVE-2013-4761 | 2 Puppet, Puppetlabs | 3 Puppet, Puppet Enterprise, Puppet | 2024-02-28 | 5.1 MEDIUM | N/A |
Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service. NOTE: this vulnerability can only be exploited utilizing unspecified "local file system access" to the Puppet Master. | |||||
CVE-2012-5071 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2024-02-28 | 6.4 MEDIUM | N/A |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX. | |||||
CVE-2012-6503 | 2 Joomla, Ninjaforge | 2 Joomla\!, Com Ninjaxplorer | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the NinjaXplorer component before 1.0.7 for Joomla! has unknown impact and attack vectors. | |||||
CVE-2013-0445 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox. | |||||
CVE-2013-5842 | 3 Canonical, Oracle, Redhat | 8 Ubuntu Linux, Jdk, Jre and 5 more | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5850. | |||||
CVE-2013-4316 | 2 Apache, Oracle | 4 Struts, Flexcube Private Banking, Mysql Enterprise Monitor and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors. | |||||
CVE-2012-1728 | 1 Oracle | 1 Siebel Crm | 2024-02-28 | 5.8 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Portal Framework. | |||||
CVE-2013-2339 | 1 Hp | 7 Smart Zero Core, T410 All-in-one Smart Zero Client, T410 Smart Zero Client and 4 more | 2024-02-28 | 4.6 MEDIUM | N/A |
HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Client, t410 Smart Zero Client, t510 Flexible Thin Client, t5565z Smart Client, t610 Flexible Thin Client, and t610 PLUS Flexible Thin Client allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. | |||||
CVE-2013-0360 | 1 Oracle | 1 Enterprise Manager Grid Control | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Application Performance Management (APM) component in Oracle Enterprise Manager Grid Control 6.5, 11.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Business Transaction Management, a different vulnerability than CVE-2013-0396. | |||||
CVE-2013-0277 | 1 Rubyonrails | 2 Rails, Ruby On Rails | 2024-02-28 | 10.0 HIGH | N/A |
ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML. | |||||
CVE-2013-4687 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2024-02-28 | 7.8 HIGH | N/A |
flowd in Juniper Junos 10.4 before 10.4S14, 11.2 and 11.4 before 11.4R6-S2, and 12.1 before 12.1R6 on SRX devices, when certain Application Layer Gateways (ALGs) are enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets, aka PRs 727980, 806269, and 835593. | |||||
CVE-2012-3181 | 1 Oracle | 1 Peoplesoft Products | 2024-02-28 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect availability via unknown vectors related to Security. | |||||
CVE-2012-3178 | 1 Sun | 1 Sunos | 2024-02-28 | 2.1 LOW | N/A |
Unspecified vulnerability in the kernel in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors. | |||||
CVE-2012-1678 | 1 Oracle | 1 Jd Edwards Products | 2024-02-28 | 3.5 LOW | N/A |
Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 8.98, 9.1, and 24 allows remote authenticated users to affect confidentiality, related to Enterprise Infrastructure SEC. | |||||
CVE-2013-2240 | 1 Menalto | 1 Gallery | 2024-02-28 | 7.5 HIGH | N/A |
lib/flowplayer.swf.php in Gallery 3 before 3.0.9 does not properly remove query fragments, which allows remote attackers to have an unspecified impact via a replay attack, a different vulnerability than CVE-2013-2138. |