Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 35865 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-4818 1 Ibm 1 Infosphere Information Server 2026-06-16 N/A 6.5 MEDIUM
IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. An attacker could exploit this vulnerability via the DataStage application to load or import content functionality to view arbitrary files on the system.
CVE-2012-4742 1 Packetfence 1 Packetfence 2026-06-16 7.5 HIGH N/A
The web_node_register function in web.pm in PacketFence before 3.0.2 might allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2012-4683 1 Bitcoin 1 Bitcoin Core 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4682.
CVE-2012-4682 1 Bitcoin 1 Bitcoin Core 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4683.
CVE-2012-4638 1 Cisco 1 Ios 2026-06-16 4.9 MEDIUM N/A
Cisco IOS before 15.1(1)SY allows local users to cause a denial of service (device reload) by establishing an outbound SSH session, aka Bug ID CSCto00318.
CVE-2012-4598 1 Mcafee 2 Epo Mcafee Virtual Technician, Mcafee Virtual Technician 2026-06-16 9.3 HIGH N/A
An unspecified ActiveX control in McAfee Virtual Technician (MVT) before 6.4, and ePO-MVT, allows remote attackers to execute arbitrary code or cause a denial of service (Internet Explorer crash) via a crafted web site.
CVE-2012-4561 1 Libssh 1 Libssh 2026-06-16 5.0 MEDIUM N/A
The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service (crash) via unspecified vectors.
CVE-2012-4536 1 Xen 1 Xen 2026-06-16 2.1 LOW N/A
The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in Xen 2.2 allows local guest OS administrators to cause a denial of service (Xen crash) via a crafted pirq value that triggers an out-of-bounds read.
CVE-2012-4529 1 Redhat 2 Jboss Community Application Server, Jboss Enterprise Application Platform 2026-06-16 4.3 MEDIUM N/A
The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id (1) via a man-in-the-middle attack or (2) by reading a log.
CVE-2012-4528 3 Fedoraproject, Opensuse, Trustwave 3 Fedora, Opensuse, Modsecurity 2026-06-16 5.0 MEDIUM N/A
The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
CVE-2012-4514 1 Kde 1 Kde 2026-06-16 5.0 MEDIUM N/A
rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part."
CVE-2012-4461 1 Linux 1 Linux Kernel 2026-06-16 1.9 LOW N/A
The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl.
CVE-2012-4444 1 Linux 1 Linux Kernel 2026-06-16 5.0 MEDIUM N/A
The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel before 2.6.36 allows remote attackers to bypass intended network restrictions via overlapping IPv6 fragments.
CVE-2012-4419 1 Torproject 1 Tor 2026-06-16 5.0 MEDIUM N/A
The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison.
CVE-2012-4416 2 Oracle, Sun 4 Jdk, Jre, Jdk and 1 more 2026-06-16 6.4 MEDIUM N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot.
CVE-2012-4363 4 Adobe, Apple, Linux and 1 more 4 Acrobat Reader, Mac Os X, Linux Kernel and 1 more 2026-06-16 9.3 HIGH N/A
Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, related to "sixteen more crashes affecting Windows, OS X, or both systems."
CVE-2012-4349 1 Symantec 1 Network Access Control 2026-06-16 7.2 HIGH N/A
Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2 allows local users to gain privileges via unspecified vectors.
CVE-2012-4343 1 Menalto 1 Gallery 2026-06-16 7.5 HIGH N/A
Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow attackers to execute arbitrary PHP code via unknown vectors.
CVE-2012-4331 1 Spip 1 Spip 2026-06-16 10.0 HIGH N/A
Multiple unspecified vulnerabilities in SPIP before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 have unknown impact and attack vectors that are not related to cross-site scripting (XSS), different vulnerabilities than CVE-2012-2151.
CVE-2012-4328 1 Vbulletin 4 Mapi, Vbulletin, Vbulletin Forum and 1 more 2026-06-16 10.0 HIGH N/A
Unspecified vulnerability in the MAPI in vBulletin Suite 4.1.2 through 4.1.12, Forum 4.1.2 through 4.1.12, and the MAPI plugin 1.4.3 for vBulletin 3.x has unknown impact and attack vectors.