Export limit exceeded: 337976 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 337976 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (337976 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-0952 | 1 Nvidia | 1 Display Driver | 2024-11-21 | 5 Medium |
| A heap buffer overflow was discovered in the device control ioctl in the Linux driver for Nvidia graphics cards, which may allow an attacker to overflow 49 bytes. This issue was fixed in version 295.53. | ||||
| CVE-2012-0951 | 1 Nvidia | 1 Display Driver | 2024-11-21 | 7.8 High |
| A Memory Corruption Vulnerability exists in NVIDIA Graphics Drivers 29549 due to an unknown function in the file proc/driver/nvidia/registry. | ||||
| CVE-2012-0945 | 1 Whoopsie-daisy Project | 1 Whoopsie-daisy | 2024-11-21 | 4.9 Medium |
| whoopsie-daisy before 0.1.26: Root user can remove arbitrary files | ||||
| CVE-2012-0941 | 1 Fortinet | 1 Fortios | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or (3) Log&Report Display modules, or the fields_sorted_opt parameter to (4) user/auth/list or (5) endpointcompliance/app_detect/predefined_sig_list. | ||||
| CVE-2012-0877 | 2 Python, Redhat | 3 Pyxml, Enterprise Linux, Enterprise Virtualization Hypervisor | 2024-11-21 | 7.5 High |
| PyXML: Hash table collisions CPU usage Denial of Service | ||||
| CVE-2012-0844 | 2 Debian, Netsurf-browser | 2 Debian Linux, Netsurf | 2024-11-21 | 5.5 Medium |
| Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar. | ||||
| CVE-2012-0843 | 2 Debian, Uzbl | 2 Debian Linux, Uzbl | 2024-11-21 | 5.5 Medium |
| uzbl: Information disclosure via world-readable cookies storage file | ||||
| CVE-2012-0842 | 2 Debian, Suckless | 2 Debian Linux, Surf | 2024-11-21 | 5.5 Medium |
| surf: cookie jar has read access from other local user | ||||
| CVE-2012-0828 | 3 Gnome, Xchat, Xchat-wdk | 3 Gtk, Xchat, Xchat-wdk | 2024-11-21 | 9.8 Critical |
| Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service (xchat client crash) or execute arbitrary code via a UTF-8 line from server containing characters outside of the Basic Multilingual Plane (BMP). | ||||
| CVE-2012-0824 | 1 Gnu | 1 Gnusound | 2024-11-21 | 9.8 Critical |
| gnusound 0.7.5 has format string issue | ||||
| CVE-2012-0812 | 2 Debian, Postfix Admin Project | 2 Debian Linux, Postfix Admin | 2024-11-21 | 6.1 Medium |
| PostfixAdmin 2.3.4 has multiple XSS vulnerabilities | ||||
| CVE-2012-0810 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2024-11-21 | 5.5 Medium |
| The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention. | ||||
| CVE-2012-0785 | 2 Cloudbees, Jenkins | 2 Jenkins, Jenkins | 2024-11-21 | 7.5 High |
| Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack." | ||||
| CVE-2012-0771 | 1 Adobe | 1 Shockwave Player | 2024-11-21 | N/A |
| Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0759. | ||||
| CVE-2012-0718 | 1 Ibm | 1 Tivoli Endpoint Manager | 2024-11-21 | 5.4 Medium |
| IBM Tivoli Endpoint Manager 8 does not set the HttpOnly flag on cookies. | ||||
| CVE-2012-0699 | 1 Haudenschilt | 1 Family Connections Cms | 2024-11-21 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add news via an add action to familynews.php or (2) add a prayer via an add action to prayers.php. | ||||
| CVE-2012-0694 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 9.8 Critical |
| SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote attackers to execute arbitrary PHP code. | ||||
| CVE-2012-0433 | 1 Crowbar Project | 1 Crowbar | 2024-11-21 | N/A |
| The install-chef-suse.sh script shipped with crowbar before 2012-10-02 is creating files containing confidential data with insecure permissions, allowing local users to read confidential data. | ||||
| CVE-2012-0334 | 1 Cisco | 1 Ironport Web Security Appliance | 2024-11-21 | 6.4 Medium |
| Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks | ||||
| CVE-2012-0070 | 1 Spamdyke | 1 Spamdyke | 2024-11-21 | 7.5 High |
| spamdyke prior to 4.2.1: STARTTLS reveals plaintext | ||||