Total
93790 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0953 | 1 Nvidia | 1 Display Driver | 2024-11-21 | 4.4 MEDIUM | 5.0 MEDIUM |
| A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53. | |||||
| CVE-2012-0952 | 1 Nvidia | 1 Display Driver | 2024-11-21 | 4.4 MEDIUM | 5.0 MEDIUM |
| A heap buffer overflow was discovered in the device control ioctl in the Linux driver for Nvidia graphics cards, which may allow an attacker to overflow 49 bytes. This issue was fixed in version 295.53. | |||||
| CVE-2012-0945 | 1 Whoopsie-daisy Project | 1 Whoopsie-daisy | 2024-11-21 | 5.5 MEDIUM | 4.9 MEDIUM |
| whoopsie-daisy before 0.1.26: Root user can remove arbitrary files | |||||
| CVE-2012-0941 | 1 Fortinet | 1 Fortios | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or (3) Log&Report Display modules, or the fields_sorted_opt parameter to (4) user/auth/list or (5) endpointcompliance/app_detect/predefined_sig_list. | |||||
| CVE-2012-0844 | 2 Debian, Netsurf-browser | 2 Debian Linux, Netsurf | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar. | |||||
| CVE-2012-0843 | 2 Debian, Uzbl | 2 Debian Linux, Uzbl | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| uzbl: Information disclosure via world-readable cookies storage file | |||||
| CVE-2012-0842 | 2 Debian, Suckless | 2 Debian Linux, Surf | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| surf: cookie jar has read access from other local user | |||||
| CVE-2012-0812 | 2 Debian, Postfix Admin Project | 2 Debian Linux, Postfix Admin | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| PostfixAdmin 2.3.4 has multiple XSS vulnerabilities | |||||
| CVE-2012-0810 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention. | |||||
| CVE-2012-0718 | 1 Ibm | 1 Tivoli Endpoint Manager | 2024-11-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| IBM Tivoli Endpoint Manager 8 does not set the HttpOnly flag on cookies. | |||||
| CVE-2012-0334 | 1 Cisco | 1 Ironport Web Security Appliance | 2024-11-21 | 3.2 LOW | 6.4 MEDIUM |
| Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks | |||||
| CVE-2012-0049 | 3 Debian, Fedoraproject, Openttd | 3 Debian Linux, Fedora, Openttd | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. | |||||
| CVE-2011-5329 | 1 Redirection | 1 Redirection | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The redirection plugin before 2.2.9 for WordPress has XSS in the admin menu, a different issue than CVE-2011-4562. | |||||
| CVE-2011-5282 | 1 Mirc | 1 Mirc | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| mIRC prior to 7.22 has a message leak because chopping of outbound messages is mishandled. | |||||
| CVE-2011-5271 | 1 Clusterlabs | 1 Pacemaker | 2024-11-21 | 3.3 LOW | 5.5 MEDIUM |
| Pacemaker before 1.1.6 configure script creates temporary files insecurely | |||||
| CVE-2011-5250 | 1 Prophecyinternational | 1 Snare | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Snare for Linux before 1.7.0 has CSRF in the web interface. | |||||
| CVE-2011-5018 | 1 Koala-framework | 1 Koala Framework | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Koala Framework before 2011-11-21 has XSS via the request_uri parameter. | |||||
| CVE-2011-4968 | 2 Debian, F5 | 2 Debian Linux, Nginx | 2024-11-21 | 5.8 MEDIUM | 4.8 MEDIUM |
| nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM) | |||||
| CVE-2011-4938 | 1 Muze | 1 Ariadne | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in Ariadne 2.7.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO parameter to (1) index.php and (2) loader.php. | |||||
| CVE-2011-4924 | 1 Zope | 1 Zope | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3, 3.1.1 through 3.4.1. allows remote attackers to inject arbitrary web script or HTML via vectors related to the way error messages perform sanitization. NOTE: this issue exists because of an incomplete fix for CVE-2010-1104 | |||||