Total
28516 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-1948 | 2 Rob Westgeest, Ruby-lang | 2 Md2pdf, Ruby | 2024-02-28 | 10.0 HIGH | N/A |
converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename. | |||||
CVE-2014-0402 | 5 Canonical, Debian, Mariadb and 2 more | 10 Ubuntu Linux, Debian Linux, Mariadb and 7 more | 2024-02-28 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking. | |||||
CVE-2012-0376 | 1 Cisco | 1 Unified Communications Manager | 2024-02-28 | 5.0 MEDIUM | N/A |
The voice-sipstack component in Cisco Unified Communications Manager (CUCM) 8.5 allows remote attackers to cause a denial of service (core dump) via vectors involving SIP messages that arrive after an upgrade, aka Bug ID CSCtj87367. | |||||
CVE-2013-2331 | 1 Hp | 1 Storage Data Protector | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1652. | |||||
CVE-2012-3704 | 1 Apple | 1 Itunes | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. | |||||
CVE-2012-1758 | 1 Oracle | 1 Supply Chain Products Suite | 2024-02-28 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the Oracle AutoVue component in Oracle Supply Chain Products Suite 20.0.2 and 20.1 allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-1759. | |||||
CVE-2013-2940 | 1 Citrix | 1 Cloudportal Services Manager | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | |||||
CVE-2014-0443 | 1 Oracle | 1 Peoplesoft Products | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 allows remote attackers to affect integrity via unknown vectors related to Security. | |||||
CVE-2012-6336 | 1 Lookout | 1 Lookout | 2024-02-28 | 3.3 LOW | N/A |
The Missing Device feature in Lookout allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer." | |||||
CVE-2012-5208 | 1 Hp | 2 Intelligent Management Center, Intelligent Management Center For Automated Network Manager | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1615. | |||||
CVE-2012-1749 | 1 Oracle | 1 Fusion Middleware | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1 and 11.1.1.5 allows remote attackers to affect confidentiality via unknown vectors related to Oracle Maps. | |||||
CVE-2013-3794 | 4 Mariadb, Opensuse, Oracle and 1 more | 7 Mariadb, Opensuse, Mysql and 4 more | 2024-02-28 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition. | |||||
CVE-2012-0544 | 1 Oracle | 1 Financial Services Software | 2024-02-28 | 3.5 LOW | N/A |
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0 through 10.5.0 and 11.0.0 through 11.4.0 allows remote authenticated users to affect integrity via unknown vectors related to Core, a different vulnerability than CVE-2012-0571. | |||||
CVE-2012-5073 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5079. | |||||
CVE-2012-1705 | 4 Canonical, Mariadb, Oracle and 1 more | 7 Ubuntu Linux, Mariadb, Mysql and 4 more | 2024-02-28 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | |||||
CVE-2012-3638 | 1 Apple | 1 Safari | 2024-02-28 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2013-7080 | 1 Typo3 | 1 Typo3 | 2024-02-28 | 5.8 MEDIUM | N/A |
The creating record functionality in Extension table administration library (feuser_adminLib.inc) in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, and 6.0.0 through 6.0.11 allows remote attackers to write to arbitrary fields in the configuration database table via crafted links, aka "Mass Assignment." | |||||
CVE-2013-0418 | 2 Microsoft, Oracle | 2 Exchange Server, Fusion Middleware | 2024-02-28 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-0393. NOTE: the previous information was obtained from the January 2013 CPU. Oracle has not commented on claims from an independent researcher that this is a heap-based buffer overflow in the Paradox database stream filter (vspdx.dll) that can be triggered using a table header with a crafted "number of fields" value. | |||||
CVE-2013-0442 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox. | |||||
CVE-2013-0449 | 1 Oracle | 2 Jdk, Jre | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect confidentiality via unknown vectors related to Deployment. |