Total
10280 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-6597 | 1 Paloaltonetworks | 1 Pan-os | 2025-04-11 | 6.3 MEDIUM | N/A |
| Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to cause a denial of service (management-server crash) by using the command-line interface for a crafted command, aka Ref ID 35254. | |||||
| CVE-2012-4695 | 1 Rockwellautomation | 1 Rslinx Enterprise | 2025-04-11 | 7.1 HIGH | N/A |
| LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage) via a zero-byte UDP packet that is not properly handled by Logger.dll. | |||||
| CVE-2010-0101 | 1 Lexmark | 61 25xxn, C510, C52x and 58 more | 2025-04-11 | 7.8 HIGH | N/A |
| The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause a denial of service (operating system halt) via a malformed HTTP Authorization header. | |||||
| CVE-2011-2502 | 1 Systemtap | 1 Systemtap | 2025-04-11 | 4.4 MEDIUM | N/A |
| runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument. | |||||
| CVE-2011-2170 | 1 Google | 1 Chrome Os | 2025-04-11 | 4.4 MEDIUM | N/A |
| Google Chrome OS before R12 0.12.433.38 Beta, when Guest mode is enabled, does not prevent changes on the about:flags page, which has unspecified impact and local attack vectors. | |||||
| CVE-2010-3350 | 1 Bareftp | 1 Bareftp | 2025-04-11 | 6.9 MEDIUM | N/A |
| bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2012-5823 | 1 Opensourceclassifieds | 1 Opensourceclassifieds | 2025-04-11 | 5.8 MEDIUM | N/A |
| Open Source Classifieds does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the PHP fsockopen function. | |||||
| CVE-2012-5356 | 1 Canonical | 1 Ubuntu Software Properties | 2025-04-11 | 5.8 MEDIUM | N/A |
| The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack. | |||||
| CVE-2012-0584 | 2 Apple, Microsoft | 2 Safari, Windows | 2025-04-11 | 6.4 MEDIUM | N/A |
| The Internationalized Domain Name (IDN) feature in Apple Safari before 5.1.4 on Windows does not properly restrict the characters in URLs, which allows remote attackers to spoof a domain name via unspecified homoglyphs. | |||||
| CVE-2013-2814 | 1 Cooperindustries | 1 Dnp3 Master Opc Server | 2025-04-11 | 7.1 HIGH | N/A |
| Cooper Power Systems Cybectec DNP3 Master OPC Server allows remote attackers to cause a denial of service (unhandled exception and process crash) via unspecified vectors. | |||||
| CVE-2011-0019 | 2 Fedoraproject, Redhat | 2 389 Directory Server, Directory Server | 2025-04-11 | 7.5 HIGH | N/A |
| slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat Directory Server 8.2.x or dirsrv) does not properly handle simple paged result searches, which allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via multiple search requests. | |||||
| CVE-2010-3624 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-11 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allows attackers to execute arbitrary code via a crafted image. | |||||
| CVE-2010-1237 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via an empty SVG element. | |||||
| CVE-2002-2433 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 4.0 MEDIUM | N/A |
| NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command. | |||||
| CVE-2013-3861 | 1 Microsoft | 1 .net Framework | 2025-04-11 | 7.8 HIGH | N/A |
| Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 allows remote attackers to cause a denial of service (application crash or hang) via crafted character sequences in JSON data, aka "JSON Parsing Vulnerability." | |||||
| CVE-2011-5241 | 1 Services Twitter Group | 1 Services Twitter | 2025-04-11 | 5.8 MEDIUM | N/A |
| Services_Twitter 0.6.3 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | |||||
| CVE-2012-0736 | 1 Ibm | 1 Rational Appscan | 2025-04-11 | 9.3 HIGH | N/A |
| IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly create scan jobs, which allows remote attackers to execute arbitrary code via a crafted web site. | |||||
| CVE-2013-6981 | 1 Cisco | 1 Ios Xe | 2025-04-11 | 5.4 MEDIUM | N/A |
| Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to cause a denial of service (Packet Processor crash) via fragmented MPLS IP packets, aka Bug ID CSCul00709. | |||||
| CVE-2013-2633 | 1 Matomo | 1 Matomo | 2025-04-11 | 5.0 MEDIUM | N/A |
| Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of parameters. | |||||
| CVE-2010-2090 | 2 Ibm, Microsoft | 3 Aix, Communications Server, Windows | 2025-04-11 | 5.0 MEDIUM | N/A |
| The npb_protocol_error function in sna V5router64 in IBM Communications Server for Windows 6.1.3 and Communications Server for AIX (aka CSAIX or CS/AIX) in sna.rte before 6.3.1.2 allows remote attackers to cause a denial of service (daemon crash) via APPC data containing a GDSID variable with a GDS length that is too small. | |||||