Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4435 | 1 Sun | 1 Sunos | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from other software vendors that this affects other operating systems, such as HP-UX, or claims from a reliable third party that this is a buffer overflow in rpc.cmsd via long XDR-encoded ASCII strin ...
Show More |
|||||
| CVE-2011-4255 | 1 Realnetworks | 1 Realplayer | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via an invalid codec name.
|
|||||
| CVE-2013-2275 | 3 Canonical, Puppet, Puppetlabs | 4 Ubuntu Linux, Puppet, Puppet Enterprise and 1 more | 2025-04-11 | 4.0 MEDIUM | N/A |
|
The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows remote authenticated nodes to submit reports for other nodes via unspecified vectors.
|
|||||
| CVE-2010-1201 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-11 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
|
|||||
| CVE-2012-5084 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 7.6 HIGH | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
|
|||||
| CVE-2013-2431 | 1 Oracle | 2 Jdk, Jre | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames."
|
|||||
| CVE-2012-2014 | 3 Hp, Linux, Microsoft | 3 System Management Homepage, Linux Kernel, Windows | 2025-04-11 | 9.0 HIGH | N/A |
|
HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors.
|
|||||
| CVE-2012-5991 | 1 Cisco | 9 2000 Wireless Lan Controller, 2100 Wireless Lan Controller, 2500 Wireless Lan Controller and 6 more | 2025-04-11 | 6.3 MEDIUM | N/A |
|
screens/base/web_auth_custom.html on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allows remote authenticated users to cause a denial of service (device reload) via a certain buttonClicked value in an internal webauth_type request, aka Bug ID CSCud50209.
|
|||||
| CVE-2010-2106 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in Google Chrome before 5.0.375.55 might allow remote attackers to spoof the URL bar via vectors involving unload event handlers.
|
|||||
| CVE-2013-2420 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient "validation of images" in share/na ...
Show More |
|||||
| CVE-2011-0800 | 1 Sun | 1 Sunos | 2025-04-11 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Administration Utilities.
|
|||||
| CVE-2010-2172 | 1 Adobe | 1 Flash Player | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Adobe Flash Player 9 before 9.0.277.0 on unspecified UNIX platforms allows attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2012-6299 | 1 Ca | 1 Identityminder | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to bypass intended access restrictions via unknown vectors.
|
|||||
| CVE-2012-5205 | 1 Hp | 2 Intelligent Management Center, Intelligent Management Center For Automated Network Manager | 2025-04-11 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1650.
|
|||||
| CVE-2011-3549 | 1 Sun | 2 Jdk, Jre | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
|
|||||
| CVE-2013-5821 | 2 Oracle, Sun | 2 Sunos, Sunos | 2025-04-11 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11.1 allows local users to affect confidentiality, integrity, and availability via vectors related to RPC.
|
|||||
| CVE-2013-1482 | 1 Oracle | 1 Javafx | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.
|
|||||
| CVE-2013-3771 | 1 Oracle | 1 Database Server | 2025-04-11 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in the Oracle executable component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-3760.
|
|||||
| CVE-2013-1485 | 1 Oracle | 2 Jdk, Jre | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
|
|||||
| CVE-2012-4461 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 1.9 LOW | N/A |
|
The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl.
|
|||||
| CVE-2002-2432 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username.
|
|||||
| CVE-2012-0511 | 1 Oracle | 1 Database Server | 2025-04-11 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the OCI component in Oracle Database Server 10.2.0.3, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2014-0369 | 1 Oracle | 1 Siebel Crm | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Java Integration, a different vulnerability than CVE-2015-0366.
|
|||||
| CVE-2013-5902 | 1 Oracle | 2 Jdk, Jre | 2025-04-11 | 5.1 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2014-0410, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.
|
|||||
| CVE-2012-0189 | 1 Ibm | 1 Spss Samplepower | 2025-04-11 | 9.3 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the (1) PrintFile and (2) SaveDoc methods in the VsVIEW6 ActiveX control in VsVIEW6.ocx in IBM SPSS SamplePower 3.0 allow remote attackers to execute arbitrary code via a crafted HTML document.
|
|||||
| CVE-2011-3517 | 1 Oracle | 1 Sun Products Suite | 2025-04-11 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 8.0 allows remote attackers to affect availability via unknown vectors related to Authentication.
|
|||||
| CVE-2013-2402 | 1 Oracle | 1 Peoplesoft Products | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect integrity via unknown vectors related to WorkCenter.
|
|||||
| CVE-2011-1999 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Microsoft Internet Explorer 8 does not properly allocate and access memory, which allows remote attackers to execute arbitrary code via vectors involving a "dereferenced memory address," aka "Select Element Remote Code Execution Vulnerability."
|
|||||
| CVE-2009-5126 | 1 Comodo | 1 Comodo Internet Security | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The Antivirus component in Comodo Internet Security before 3.8.65951.477 allows remote attackers to cause a denial of service (application crash) via a crafted file.
|
|||||
| CVE-2012-0510 | 1 Oracle | 1 Database Server | 2025-04-11 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, and 11.1.0.7 allows remote attackers to affect integrity and availability via unknown vectors.
|
|||||
| CVE-2011-3507 | 1 Oracle | 1 Sun Products Suite | 2025-04-11 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the Oracle Communications Unified component in Oracle Sun Products Suite 7.0 allows remote authenticated users to affect integrity via unknown vectors related to Messaging Server.
|
|||||
| CVE-2013-1512 | 2 Mariadb, Oracle | 2 Mariadb, Mysql | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
|
|||||
| CVE-2010-2833 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-11 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtd86472.
|
|||||
| CVE-2013-2392 | 3 Mariadb, Oracle, Redhat | 6 Mariadb, Mysql, Enterprise Linux Desktop and 3 more | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
|
|||||
| CVE-2009-5071 | 1 Hp | 1 Palm Pre Webos | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has unknown impact and attack vectors related to an "included contact template file."
|
|||||
| CVE-2013-2349 | 1 Hp | 1 Storage Data Protector | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1896.
|
|||||
| CVE-2013-0840 | 1 Google | 1 Chrome | 2025-04-11 | 10.0 HIGH | N/A |
|
Google Chrome before 24.0.1312.56 does not validate URLs during the opening of new windows, which has unspecified impact and remote attack vectors.
|
|||||
| CVE-2011-1373 | 1 Ibm | 1 Db2 | 2025-04-11 | 1.5 LOW | N/A |
|
Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feature and the AUTOMATIC DATABASE_MEMORY setting are configured, allows local users to cause a denial of service (daemon crash) via unknown vectors.
|
|||||
| CVE-2012-0108 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 3.5 LOW | N/A |
|
Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Middleware 10.1.3.6.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Web, a different vulnerability than CVE-2012-0086 and CVE-2012-0095.
|
|||||
| CVE-2012-0101 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
|
|||||