Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4528 | 3 Fedoraproject, Opensuse, Trustwave | 3 Fedora, Opensuse, Modsecurity | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
|
|||||
| CVE-2012-6065 | 2 Daniel Honrade, Drupal | 2 Om Maximenu, Drupal | 2025-04-11 | 4.6 MEDIUM | N/A |
|
The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Title has PHP" option is enabled, allows remote authenticated users with the "Administer OM Maximenu" permission to execute arbitrary PHP code via a "Link Title," a different vulnerability than CVE-2012-5553.
|
|||||
| CVE-2013-4838 | 1 Hp | 1 Loadrunner | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850.
|
|||||
| CVE-2010-4413 | 1 Oracle | 1 Database Server | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Scheduler Agent component in Oracle Database Server 11.1.0.7 and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2011-3125 | 1 Wordpress | 1 Wordpress | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Various security hardening."
|
|||||
| CVE-2012-1732 | 1 Oracle | 1 Siebel Crm | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Framework, a different vulnerability than CVE-2012-1754.
|
|||||
| CVE-2010-0853 | 1 Oracle | 2 Database Server, Fusion Middleware | 2025-04-11 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8, 9.2.0.8, and DV; and Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2010-0088 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0085.
|
|||||
| CVE-2010-4482 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to bypass the pop-up blocker via unknown vectors.
|
|||||
| CVE-2011-4929 | 1 Redmine | 1 Redmine | 2025-04-11 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the bazaar repository adapter in Redmine 0.9.x and 1.0.x before 1.0.5 allows remote attackers to execute arbitrary commands via unknown vectors.
|
|||||
| CVE-2010-2406 | 1 Oracle | 1 Siebel Suite | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Siebel Core - Highly Interactive Client component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3 allows remote authenticated users to affect confidentiality via unknown vectors.
|
|||||
| CVE-2013-0420 | 2 Opensuse, Oracle | 3 Opensuse, Virtualization, Vm Virtualbox | 2025-04-11 | 2.4 LOW | N/A |
|
Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 allows local users to affect integrity and availability via unknown vectors related to Core. NOTE: The previous information was obtained from the January 2013 Oracle CPU. Oracle has not commented on claims from another vendor that this issue is related to an incorrect comparison in the vga_draw_text function in Devices/Graphics/DevVGA.cpp, which can cause VirtualBox to "draw more lines than necessar ...
Show More |
|||||
| CVE-2011-1725 | 1 Hp | 1 Network Automation | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to obtain sensitive information via unknown vectors.
|
|||||
| CVE-2012-3506 | 1 Apache | 1 Ofbiz | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.03 has unknown impact and attack vectors.
|
|||||
| CVE-2010-0866 | 1 Oracle | 1 Database Server | 2025-04-11 | 6.5 MEDIUM | N/A |
|
Unspecified vulnerability in the JavaVM component in Oracle Database 11.1.0.7 and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2012-3175 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-0518.
|
|||||
| CVE-2010-4026 | 1 Hp | 1 Palm Webos | 2025-04-11 | 6.2 MEDIUM | N/A |
|
Unspecified vulnerability in the service API in HP Palm webOS 1.4.1 allows local users to gain privileges by leveraging the ability to perform certain service calls.
|
|||||
| CVE-2013-2868 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
common/extensions/sync_helper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension changes via unspecified vectors.
|
|||||
| CVE-2014-0430 | 1 Oracle | 1 Mysql | 2025-04-11 | 2.8 LOW | N/A |
|
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.
|
|||||
| CVE-2013-6245 | 1 Sybase | 1 Adaptive Server Enterprise | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2012-3526 | 2 Apache, Thomas Eibner | 2 Http Server, Mod Rpaf | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.
|
|||||
| CVE-2013-2353 | 1 Hp | 1 Storeonce D2d | 2025-04-11 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in HP StoreOnce D2D Backup System 1.x before 1.2.19 and 2.x before 2.3.0 allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2011-3516 | 2 Microsoft, Sun | 3 Windows, Jdk, Jre | 2025-04-11 | 7.6 HIGH | N/A |
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
|
|||||
| CVE-2012-0116 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-11 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
|
|||||
| CVE-2013-5806 | 1 Oracle | 2 Jdk, Jre | 2025-04-11 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5805.
|
|||||
| CVE-2012-0492 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-11 | 2.1 LOW | N/A |
|
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485.
|
|||||
| CVE-2013-0375 | 4 Canonical, Mariadb, Oracle and 1 more | 7 Ubuntu Linux, Mariadb, Mysql and 4 more | 2025-04-11 | 5.5 MEDIUM | 5.4 MEDIUM |
|
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
|
|||||
| CVE-2013-5822 | 1 Oracle | 1 Ilearning | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Learner Administration.
|
|||||
| CVE-2011-2273 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Agile Core Technology component in Oracle Supply Chain Products Suite 9.3.0.3 and 9.3.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Search.
|
|||||
| CVE-2013-2462 | 1 Oracle | 2 Jdk, Jre | 2025-04-11 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
|
|||||
| CVE-2011-0796 | 1 Oracle | 1 E-business Suite | 2025-04-11 | 1.7 LOW | N/A |
|
Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows local users to affect confidentiality via unknown vectors.
|
|||||
| CVE-2013-3784 | 1 Oracle | 1 Peoplesoft Products | 2025-04-11 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors Time and Labor.
|
|||||
| CVE-2011-2263 | 1 Oracle | 23 Netra Sparc T3-1, Sparc T3-1, Sparc T3-1b and 20 more | 2025-04-11 | 2.1 LOW | N/A |
|
Unspecified vulnerability in Sun Integrated Lights Out Manager in Oracle SysFW 8.0.3.b or earlier for various Oracle SPARC T3, SPARC Netra T3, Sun Blade, and Sun Fire servers allows local users to affect confidentiality via unknown vectors.
|
|||||
| CVE-2012-3195 | 1 Oracle | 1 Peoplesoft Products | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect confidentiality via unknown vectors related to Portal.
|
|||||
| CVE-2010-2818 | 1 Cisco | 4 Catalyst 6500, Catalyst 7600, Firewall Services Module and 1 more | 2025-04-11 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61710.
|
|||||
| CVE-2011-1286 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger incorrect access to memory.
|
|||||
| CVE-2013-5382 | 1 Ibm | 1 Maximo Asset Management | 2025-04-11 | 4.0 MEDIUM | N/A |
|
IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors, a different vulnerability than CVE-2013-5383.
|
|||||
| CVE-2013-3755 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5.0 allows remote attackers to affect integrity via vectors related to SSO Engine.
|
|||||
| CVE-2012-2006 | 2 Hp, Microsoft | 4 Insight Management Agents, Windows 2003 Server, Windows Server 2003 and 1 more | 2025-04-11 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to modify data or cause a denial of service via unknown vectors.
|
|||||
| CVE-2010-3513 | 1 Oracle | 2 Opensolaris, Solaris | 2025-04-11 | 2.4 LOW | N/A |
|
Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect integrity and availability via unknown vectors related to Device Drivers.
|
|||||