Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-6661 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknown vectors.
|
|||||
| CVE-2012-3555 | 1 Opera | 1 Opera Browser | 2025-04-11 | 7.6 HIGH | N/A |
|
Opera before 11.65 does not ensure that keyboard sequences are associated with a visible window, which makes it easier for user-assisted remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary code via a crafted web site, related to a "hidden keyboard navigation" issue.
|
|||||
| CVE-2012-3603 | 1 Apple | 1 Safari | 2025-04-11 | 9.3 HIGH | N/A |
|
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
|
|||||
| CVE-2011-3560 | 1 Sun | 2 Jdk, Jre | 2025-04-11 | 6.4 MEDIUM | N/A |
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity, related to JSSE.
|
|||||
| CVE-2011-3541 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 1.9 LOW | N/A |
|
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows local users to affect availability via unknown vectors related to Outside In Filters.
|
|||||
| CVE-2013-4836 | 1 Hp | 2 Alm Synchronizer, Application Lifecycle Management | 2025-04-11 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in the GossipService SOAP Request implementation in the Synchronizer component before 1.4.2 in HP Application LifeCycle Management (ALM) allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1759.
|
|||||
| CVE-2010-4452 | 1 Sun | 2 Jdk, Jre | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Deployment component in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors.
|
|||||
| CVE-2012-3677 | 1 Apple | 1 Itunes | 2025-04-11 | 6.8 MEDIUM | N/A |
|
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
|
|||||
| CVE-2010-3776 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-11 | 9.3 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
|
|||||
| CVE-2012-0513 | 1 Oracle | 1 E-business Suite | 2025-04-11 | 2.6 LOW | N/A |
|
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity, related to REST Services.
|
|||||
| CVE-2014-0443 | 1 Oracle | 1 Peoplesoft Products | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 allows remote attackers to affect integrity via unknown vectors related to Security.
|
|||||
| CVE-2012-1674 | 1 Oracle | 1 Industry Applications | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Siebel Clinical component in Oracle Industry Applications 7.7, 7.8, 8.0.0.x, 8.1.1.x, and 8.2.2.x allows remote authenticated users to affect integrity via unknown vectors related to Web UI, a different vulnerability than CVE-2012-0582.
|
|||||
| CVE-2012-2821 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
The autofill implementation in Google Chrome before 20.0.1132.43 does not properly display text, which has unspecified impact and remote attack vectors.
|
|||||
| CVE-2012-5067 | 1 Oracle | 2 Jdk, Jre | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
|
|||||
| CVE-2010-3648 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
|
|||||
| CVE-2014-0375 | 1 Oracle | 2 Jdk, Jre | 2025-04-11 | 5.8 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5898 and CVE-2014-0403.
|
|||||
| CVE-2010-4472 | 1 Sun | 2 Jdk, Jre | 2025-04-11 | 2.6 LOW | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the "XML DSig Transform or C14N algorithm implementations."
|
|||||
| CVE-2011-3130 | 1 Wordpress | 1 Wordpress | 2025-04-11 | 7.5 HIGH | N/A |
|
wp-includes/taxonomy.php in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Taxonomy query hardening," possibly involving SQL injection.
|
|||||
| CVE-2010-4566 | 1 Citrix | 1 Access Gateway | 2025-04-11 | 9.3 HIGH | N/A |
|
The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and earlier, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows attackers to execute arbitrary commands via shell metacharacters in the password field.
|
|||||
| CVE-2012-3757 | 1 Apple | 1 Quicktime | 2025-04-11 | 9.3 HIGH | N/A |
|
Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file.
|
|||||
| CVE-2011-2091 | 1 Adobe | 1 Coldfusion | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2011-2296 | 1 Sun | 1 Sunos | 2025-04-11 | 4.9 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability, related to Kernel/SCTP.
|
|||||
| CVE-2010-0623 | 3 Canonical, Linux, Opensuse | 3 Ubuntu Linux, Linux Kernel, Opensuse | 2025-04-11 | 4.9 MEDIUM | N/A |
|
The futex_lock_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly manage a certain reference count, which allows local users to cause a denial of service (OOPS) via vectors involving an unmount of an ext3 filesystem.
|
|||||
| CVE-2013-2432 | 2 Oracle, Sun | 5 Javafx, Jdk, Jre and 2 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2394 and CVE-2013-1491.
|
|||||
| CVE-2012-0580 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2, 6.0.0, and 6.1.1 allows remote attackers to affect integrity via unknown vectors related to Supplier Portal.
|
|||||
| CVE-2011-2299 | 1 Oracle | 6 Sparc Enterprise M3000 Server, Sparc Enterprise M4000 Server, Sparc Enterprise M5000 Server and 3 more | 2025-04-11 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Oracle SPARC Enterprise M3000, M4000, M5000, M8000, and M9000 XCP 1101 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to XSCF Control Package (XCP).
|
|||||
| CVE-2013-1149 | 1 Cisco | 5 5500 Series Adaptive Security Appliance, 6500 Series Adaptive Security Appliance, 7600 Series Adaptive Security Appliance and 2 more | 2025-04-11 | 7.8 HIGH | N/A |
|
Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.28), 8.1 and 8.2 before 8.2(5.35), 8.3 before 8.3(2.34), 8.4 before 8.4(4.11), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3), and Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(24.1) and 4.0 and 4.1 before 4.1(11.1), allow remote attackers to cause a denial of service (device reload) via a crafted IKEv1 message, aka Bug IDs CSCub85692 and CSCud20267.
|
|||||
| CVE-2011-2638 | 1 Opera | 1 Opera Browser | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by games on zylom.com.
|
|||||
| CVE-2011-4369 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.
|
|||||
| CVE-2013-3781 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7, 8.4.0, and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2013-3776.
|
|||||
| CVE-2012-3117 | 1 Oracle | 1 Supply Chain Products Suite | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote authenticated users to affect confidentiality via unknown vectors related to HTTP.
|
|||||
| CVE-2012-4276 | 1 Hitachi | 1 It Operations Director | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Hitachi IT Operations Director 02-50-01 through 02-50-07, 03-00 before 03-00-08 allows attackers to cause a denial of service via unknown attack vectors.
|
|||||
| CVE-2013-0783 | 5 Canonical, Debian, Mozilla and 2 more | 12 Ubuntu Linux, Debian Linux, Firefox and 9 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
|
|||||
| CVE-2009-4774 | 1 Sun | 2 Opensolaris, Solaris | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2007-6225.
|
|||||
| CVE-2011-3849 | 1 Broadcom | 1 Directory | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in dxserver before 6279 in CA Directory 8.1 and CA Directory r12 before SP7 CR1 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP packet.
|
|||||
| CVE-2011-3533 | 1 Oracle | 2 Peoplesoft Enterprise Hrms, Peoplesoft Products | 2025-04-11 | 5.5 MEDIUM | N/A |
|
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to affect confidentiality and integrity, related to Job Profile Manager (JPM).
|
|||||
| CVE-2011-3950 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 6.8 MEDIUM | N/A |
|
The dirac_decode_data_unit function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via a crafted value in the reference pictures number.
|
|||||
| CVE-2013-5784 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to SCRIPTING.
|
|||||
| CVE-2013-4011 | 1 Ibm | 2 Aix, Vios | 2025-04-11 | 7.2 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the InfiniBand subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allow local users to gain privileges via vectors involving (1) arp.ib or (2) ibstat.
|
|||||
| CVE-2011-0839 | 1 Sun | 1 Sunos | 2025-04-11 | 3.7 LOW | N/A |
|
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect availability, related to LOFS.
|
|||||