Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 35862 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-4682 1 Bitcoin 1 Bitcoin Core 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4683.
CVE-2012-4638 1 Cisco 1 Ios 2026-06-16 4.9 MEDIUM N/A
Cisco IOS before 15.1(1)SY allows local users to cause a denial of service (device reload) by establishing an outbound SSH session, aka Bug ID CSCto00318.
CVE-2012-4598 1 Mcafee 2 Epo Mcafee Virtual Technician, Mcafee Virtual Technician 2026-06-16 9.3 HIGH N/A
An unspecified ActiveX control in McAfee Virtual Technician (MVT) before 6.4, and ePO-MVT, allows remote attackers to execute arbitrary code or cause a denial of service (Internet Explorer crash) via a crafted web site.
CVE-2012-4561 1 Libssh 1 Libssh 2026-06-16 5.0 MEDIUM N/A
The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service (crash) via unspecified vectors.
CVE-2012-4536 1 Xen 1 Xen 2026-06-16 2.1 LOW N/A
The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in Xen 2.2 allows local guest OS administrators to cause a denial of service (Xen crash) via a crafted pirq value that triggers an out-of-bounds read.
CVE-2012-4529 1 Redhat 2 Jboss Community Application Server, Jboss Enterprise Application Platform 2026-06-16 4.3 MEDIUM N/A
The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id (1) via a man-in-the-middle attack or (2) by reading a log.
CVE-2012-4528 3 Fedoraproject, Opensuse, Trustwave 3 Fedora, Opensuse, Modsecurity 2026-06-16 5.0 MEDIUM N/A
The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
CVE-2012-4514 1 Kde 1 Kde 2026-06-16 5.0 MEDIUM N/A
rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part."
CVE-2012-4461 1 Linux 1 Linux Kernel 2026-06-16 1.9 LOW N/A
The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl.
CVE-2012-4444 1 Linux 1 Linux Kernel 2026-06-16 5.0 MEDIUM N/A
The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel before 2.6.36 allows remote attackers to bypass intended network restrictions via overlapping IPv6 fragments.
CVE-2012-4419 1 Torproject 1 Tor 2026-06-16 5.0 MEDIUM N/A
The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison.
CVE-2012-4416 2 Oracle, Sun 4 Jdk, Jre, Jdk and 1 more 2026-06-16 6.4 MEDIUM N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot.
CVE-2012-4363 4 Adobe, Apple, Linux and 1 more 4 Acrobat Reader, Mac Os X, Linux Kernel and 1 more 2026-06-16 9.3 HIGH N/A
Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, related to "sixteen more crashes affecting Windows, OS X, or both systems."
CVE-2012-4349 1 Symantec 1 Network Access Control 2026-06-16 7.2 HIGH N/A
Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2 allows local users to gain privileges via unspecified vectors.
CVE-2012-4343 1 Menalto 1 Gallery 2026-06-16 7.5 HIGH N/A
Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow attackers to execute arbitrary PHP code via unknown vectors.
CVE-2012-4331 1 Spip 1 Spip 2026-06-16 10.0 HIGH N/A
Multiple unspecified vulnerabilities in SPIP before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 have unknown impact and attack vectors that are not related to cross-site scripting (XSS), different vulnerabilities than CVE-2012-2151.
CVE-2012-4328 1 Vbulletin 4 Mapi, Vbulletin, Vbulletin Forum and 1 more 2026-06-16 10.0 HIGH N/A
Unspecified vulnerability in the MAPI in vBulletin Suite 4.1.2 through 4.1.12, Forum 4.1.2 through 4.1.12, and the MAPI plugin 1.4.3 for vBulletin 3.x has unknown impact and attack vectors.
CVE-2012-4327 2 Wordpress, Wpslideshow 2 Wordpress, Image News Slider 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in the Image News slider plugin before 3.3 for WordPress has unspecified impact and remote attack vectors.
CVE-2012-4305 1 Oracle 1 Javafx 2026-06-16 9.3 HIGH N/A
Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that the issue allows remote attackers to execute arbitrary code via vectors related to an "invalid type cast" and exposed native methods in the T2KGlyph class.
CVE-2012-4303 1 Oracle 1 Fusion Middleware 2026-06-16 3.5 LOW N/A
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 11.1.1.6.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Content Server.