Export limit exceeded: 337687 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (337687 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-0812 | 2 Debian, Postfix Admin Project | 2 Debian Linux, Postfix Admin | 2024-11-21 | 6.1 Medium |
| PostfixAdmin 2.3.4 has multiple XSS vulnerabilities | ||||
| CVE-2012-0810 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2024-11-21 | 5.5 Medium |
| The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention. | ||||
| CVE-2012-0785 | 2 Cloudbees, Jenkins | 2 Jenkins, Jenkins | 2024-11-21 | 7.5 High |
| Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack." | ||||
| CVE-2012-0771 | 1 Adobe | 1 Shockwave Player | 2024-11-21 | N/A |
| Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0759. | ||||
| CVE-2012-0718 | 1 Ibm | 1 Tivoli Endpoint Manager | 2024-11-21 | 5.4 Medium |
| IBM Tivoli Endpoint Manager 8 does not set the HttpOnly flag on cookies. | ||||
| CVE-2012-0699 | 1 Haudenschilt | 1 Family Connections Cms | 2024-11-21 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add news via an add action to familynews.php or (2) add a prayer via an add action to prayers.php. | ||||
| CVE-2012-0694 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 9.8 Critical |
| SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote attackers to execute arbitrary PHP code. | ||||
| CVE-2012-0433 | 1 Crowbar Project | 1 Crowbar | 2024-11-21 | N/A |
| The install-chef-suse.sh script shipped with crowbar before 2012-10-02 is creating files containing confidential data with insecure permissions, allowing local users to read confidential data. | ||||
| CVE-2012-0334 | 1 Cisco | 1 Ironport Web Security Appliance | 2024-11-21 | 6.4 Medium |
| Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks | ||||
| CVE-2012-0070 | 1 Spamdyke | 1 Spamdyke | 2024-11-21 | 7.5 High |
| spamdyke prior to 4.2.1: STARTTLS reveals plaintext | ||||
| CVE-2012-0063 | 1 Tucaneando | 1 Tucan | 2024-11-21 | 8.1 High |
| Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man-in-the-middle attacks and execute arbitrary code ith the permissions of the user running tucan. | ||||
| CVE-2012-0055 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 7.8 High |
| OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions. | ||||
| CVE-2012-0051 | 2 Debian, Tahoe-lafs | 2 Debian Linux, Tahoe-lafs | 2024-11-21 | 7.4 High |
| Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval. | ||||
| CVE-2012-0049 | 3 Debian, Fedoraproject, Openttd | 3 Debian Linux, Fedora, Openttd | 2024-11-21 | 4.3 Medium |
| OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. | ||||
| CVE-2012-0046 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | 7.5 High |
| mediawiki allows deleted text to be exposed | ||||
| CVE-2011-5331 | 1 Distributed Ruby Project | 1 Distributed Ruby | 2024-11-21 | 9.8 Critical |
| Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval. | ||||
| CVE-2011-5330 | 1 Distributed Ruby Project | 1 Distributed Ruby | 2024-11-21 | 9.8 Critical |
| Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls. | ||||
| CVE-2011-5329 | 1 Redirection | 1 Redirection | 2024-11-21 | N/A |
| The redirection plugin before 2.2.9 for WordPress has XSS in the admin menu, a different issue than CVE-2011-4562. | ||||
| CVE-2011-5328 | 1 User Access Manager Project | 1 User Access Manager | 2024-11-21 | N/A |
| The user-access-manager plugin before 1.2 for WordPress has CSRF. | ||||
| CVE-2011-5327 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 9.8 Critical |
| In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_tpg() function could result in at least memory corruption. | ||||