Total
29921 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-6306 | 1 Hcview Project | 1 Hcview | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability exists in HCView (aka Hardcoreview) 1.4 due to a write access violation with a GIF file. | |||||
| CVE-2012-6277 | 3 Hp, Ibm, Symantec | 7 Autonomy Keyview Idol, Domino, Notes and 4 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code." | |||||
| CVE-2012-5626 | 1 Redhat | 6 Jboss Brms, Jboss Enterprise Application Platform, Jboss Enterprise Web Server and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation. | |||||
| CVE-2012-4818 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | N/A | 6.5 MEDIUM |
| IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. An attacker could exploit this vulnerability via the DataStage application to load or import content functionality to view arbitrary files on the system. | |||||
| CVE-2012-3810 | 1 Samsung | 1 Kies | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Samsung Kies before 2.5.0.12094_27_11 has registry modification. | |||||
| CVE-2012-3809 | 1 Samsung | 1 Kies | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification. | |||||
| CVE-2012-3808 | 1 Samsung | 1 Kies | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification. | |||||
| CVE-2012-3807 | 1 Samsung | 1 Kies | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution. | |||||
| CVE-2012-3490 | 1 Wisc | 1 Htcondor | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors. | |||||
| CVE-2012-2204 | 1 Ibm | 1 Infosphere Guardium | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| InfoSphere Guardium aix_ktap module: DoS | |||||
| CVE-2012-2201 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | N/A | 7.5 HIGH |
| IBM WebSphere MQ 7.1 is vulnerable to a denial of service, caused by an error when handling user ids. A remote attacker could exploit this vulnerability to bypass the security configuration setup on a SVRCONN channel and flood the queue manager. | |||||
| CVE-2012-1567 | 1 Linuxmint | 1 Linuxmint | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintUpdate. | |||||
| CVE-2012-1566 | 1 Linuxmint | 1 Linuxmint | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintNanny. | |||||
| CVE-2012-10016 | 1 Halulu | 1 Simple-download-button-shortcode | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability classified as problematic has been found in Halulu simple-download-button-shortcode Plugin 1.0 on WordPress. Affected is an unknown function of the file simple-download-button_dl.php of the component Download Handler. The manipulation of the argument file leads to information disclosure. It is possible to launch the attack remotely. Upgrading to version 1.1 is able to address this issue. The patch is identified as e648a8706818297cf02a665ae0bae1c069dea5f1. It is recommended to upgrade the affected component. VDB-242190 is the identifier assigned to this vulnerability. | |||||
| CVE-2012-0063 | 1 Tucaneando | 1 Tucan | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man-in-the-middle attacks and execute arbitrary code ith the permissions of the user running tucan. | |||||
| CVE-2011-5331 | 1 Distributed Ruby Project | 1 Distributed Ruby | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval. | |||||
| CVE-2011-5330 | 1 Distributed Ruby Project | 1 Distributed Ruby | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls. | |||||
| CVE-2011-4943 | 1 Impresspages | 1 Impresspages Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ImpressPages CMS v1.0.12 has Unspecified Remote Code Execution (fixed in v1.0.13) | |||||
| CVE-2011-4917 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat. | |||||
| CVE-2011-4117 | 1 Cpan | 1 Batch\ | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The Batch::BatchRun module 1.03 for Perl does not properly handle temporary files. | |||||