Export limit exceeded: 337711 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (337711 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-1577 | 3 Debian, Dietlibc Project, Openbsd | 3 Debian Linux, Dietlibc, Openbsd | 2024-11-21 | 9.8 Critical |
| lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0. | ||||
| CVE-2012-1572 | 2 Debian, Openstack | 2 Debian Linux, Keystone | 2024-11-21 | 7.5 High |
| OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space | ||||
| CVE-2012-1567 | 1 Linuxmint | 1 Linuxmint | 2024-11-21 | 7.5 High |
| LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintUpdate. | ||||
| CVE-2012-1566 | 1 Linuxmint | 1 Linuxmint | 2024-11-21 | 7.5 High |
| LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintNanny. | ||||
| CVE-2012-1563 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 7.5 High |
| Joomla! before 2.5.3 allows Admin Account Creation. | ||||
| CVE-2012-1562 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 7.5 High |
| Joomla! core before 2.5.3 allows unauthorized password change. | ||||
| CVE-2012-1500 | 1 Atlassian | 2 Greenhopper, Jira | 2024-11-21 | 5.4 Medium |
| Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows an attacker to inject arbitrary script code. | ||||
| CVE-2012-1496 | 1 Webcalendar Project | 1 Webcalendar | 2024-11-21 | 8.8 High |
| Local file inclusion in WebCalendar before 1.2.5. | ||||
| CVE-2012-1495 | 1 Webcalendar Project | 1 Webcalendar | 2024-11-21 | 9.8 Critical |
| install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter. | ||||
| CVE-2012-1326 | 1 Cisco | 1 Ironport Web Security Appliance | 2024-11-21 | 7.4 High |
| Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks | ||||
| CVE-2012-1316 | 1 Cisco | 1 Ironport Web Security Appliance | 2024-11-21 | 5.9 Medium |
| Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks | ||||
| CVE-2012-1261 | 1 Plixer | 1 Scrutinizer Netflow \& Sflow Analyzer | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions before 9.0.1.19899 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter. | ||||
| CVE-2012-1260 | 1 Plixer | 1 Scrutinizer Netflow \& Sflow Analyzer | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allows remote attackers to inject arbitrary web script or HTML via the newUser parameter. NOTE: this might not be a vulnerability, since an administrator might already have the privileges to create arbitrary script. | ||||
| CVE-2012-1259 | 1 Plixer | 1 Scrutinizer Netflow \& Sflow Analyzer | 2024-11-21 | 9.8 Critical |
| Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the (1) addip parameter to cgi-bin/scrut_fa_exclusions.cgi, (2) getPermissionsAndPreferences parameter to cgi-bin/login.cgi, or (3) possibly certain parameters to d4d/alarms.php as demonstrated by the search_str parameter. | ||||
| CVE-2012-1258 | 1 Plixer | 1 Scrutinizer Netflow \& Sflow Analyzer | 2024-11-21 | 6.5 Medium |
| cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allow remote attackers to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parameters. | ||||
| CVE-2012-1257 | 1 Pidgin | 1 Pidgin | 2024-11-21 | 5.5 Medium |
| Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor. | ||||
| CVE-2012-1187 | 1 Bitlbee | 1 Bitlbee | 2024-11-21 | 9.8 Critical |
| Bitlbee does not drop extra group privileges correctly in unix.c | ||||
| CVE-2012-1170 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 7.5 High |
| Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough | ||||
| CVE-2012-1169 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 5.3 Medium |
| Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs. | ||||
| CVE-2012-1168 | 3 Fedoraproject, Moodle, Redhat | 3 Fedora, Moodle, Enterprise Linux | 2024-11-21 | 8.2 High |
| Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified. | ||||