Total
10028 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-5234 | 1 Ocportal | 1 Ocportal | 2024-02-04 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in index.php in ocPortal before 7.1.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter. | |||||
| CVE-2013-4636 | 1 Php | 1 Php | 2024-02-04 | 4.3 MEDIUM | N/A |
| The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via an MP3 file that triggers incorrect MIME type detection during access to an finfo object. | |||||
| CVE-2013-0221 | 2 Opensuse, Redhat | 2 Opensuse, Enterprise Linux | 2024-02-04 | 4.3 MEDIUM | N/A |
| The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the alloca function. | |||||
| CVE-2011-4016 | 1 Cisco | 1 Ios | 2024-02-04 | 5.4 MEDIUM | N/A |
| The PPP implementation in Cisco IOS 12.2 and 15.0 through 15.2, when Point-to-Point Termination and Aggregation (PTA) and L2TP are used, allows remote attackers to cause a denial of service (device crash) via crafted network traffic, aka Bug ID CSCtf71673. | |||||
| CVE-2012-4520 | 1 Djangoproject | 1 Django | 2024-02-04 | 6.4 MEDIUM | N/A |
| The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 allows remote attackers to generate and display arbitrary URLs via crafted username and password Host header values. | |||||
| CVE-2012-4091 | 1 Cisco | 1 Nx-os | 2024-02-04 | 5.0 MEDIUM | N/A |
| The RIP service engine in Cisco NX-OS allows remote attackers to cause a denial of service (engine restart) via a malformed (1) RIPv4 or (2) RIPv6 message, aka Bug ID CSCtj73415. | |||||
| CVE-2013-5576 | 1 Joomla | 1 Joomla\! | 2024-02-04 | 6.8 MEDIUM | N/A |
| administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . (dot), as exploited in the wild in August 2013. | |||||
| CVE-2013-3996 | 1 Ibm | 1 Infosphere Biginsights | 2024-02-04 | 4.9 MEDIUM | N/A |
| IBM InfoSphere BigInsights 1.1 through 2.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct phishing attacks via a crafted web site. | |||||
| CVE-2013-5561 | 1 Cisco | 1 Adaptive Security Appliance Cx Context-aware Security Software | 2024-02-04 | 5.0 MEDIUM | N/A |
| The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622. | |||||
| CVE-2011-4006 | 1 Cisco | 2 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software | 2024-02-04 | 7.8 HIGH | N/A |
| The ESMTP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.5 allows remote attackers to cause a denial of service (CPU consumption) via an unspecified closing sequence, aka Bug ID CSCtt32565. | |||||
| CVE-2012-2488 | 1 Cisco | 3 Asr 9000 Rsp440 Router, Crs Performance Route Processor, Ios Xr | 2024-02-04 | 7.8 HIGH | N/A |
| Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593. | |||||
| CVE-2012-3515 | 7 Canonical, Debian, Opensuse and 4 more | 14 Ubuntu Linux, Debian Linux, Opensuse and 11 more | 2024-02-04 | 7.2 HIGH | N/A |
| Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | |||||
| CVE-2013-3574 | 1 Hp | 1 Insight Diagnostics | 2024-02-04 | 7.8 HIGH | N/A |
| Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) parameter. | |||||
| CVE-2013-3868 | 1 Microsoft | 6 Active Directory Lightweight Directory Service, Windows 7, Windows 8 and 3 more | 2024-02-04 | 5.0 MEDIUM | N/A |
| Microsoft Active Directory Lightweight Directory Service (AD LDS) on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 and Active Directory Services on Windows Server 2008 SP2 and R2 SP1 and Server 2012 allow remote attackers to cause a denial of service (LDAP directory-service outage) via a crafted LDAP query, aka "Remote Anonymous DoS Vulnerability." | |||||
| CVE-2013-3724 | 1 Monkey-project | 1 Monkey | 2024-02-04 | 5.0 MEDIUM | N/A |
| The mk_request_header_process function in mk_request.c in Monkey 1.1.1 allows remote attackers to cause a denial of service (thread crash and service outage) via a '\0' character in an HTTP request. | |||||
| CVE-2012-2279 | 2 Emc, Rsa | 3 Rsa Authentication Manager, Authentication Manager, Securid Appliance | 2024-02-04 | 6.4 MEDIUM | N/A |
| Open redirect vulnerability in the Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
| CVE-2012-0385 | 1 Cisco | 1 Ios | 2024-02-04 | 7.8 HIGH | N/A |
| The Smart Install feature in Cisco IOS 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (device reload) by sending a malformed Smart Install message over TCP, aka Bug ID CSCtt16051. | |||||
| CVE-2013-7264 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 4.9 MEDIUM | N/A |
| The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. | |||||
| CVE-2013-6414 | 1 Rubyonrails | 2 Rails, Ruby On Rails | 2024-02-04 | 5.0 MEDIUM | N/A |
| actionpack/lib/action_view/lookup_context.rb in Action View in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allows remote attackers to cause a denial of service (memory consumption) via a header containing an invalid MIME type that leads to excessive caching. | |||||
| CVE-2012-3026 | 1 Ge | 1 Intelligent Platforms Proficy Real-time Information Portal | 2024-02-04 | 10.0 HIGH | N/A |
| rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code via long input data, a different vulnerability than CVE-2012-3010 and CVE-2012-3021. | |||||