Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 35771 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-0484 2 Mysql, Oracle 2 Mysql, Mysql 2026-06-16 4.0 MEDIUM N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.
CVE-2012-0467 1 Mozilla 4 Firefox, Seamonkey, Thunderbird and 1 more 2026-06-16 10.0 HIGH N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2012-0462 1 Mozilla 5 Firefox, Firefox Esr, Seamonkey and 2 more 2026-06-16 7.5 HIGH N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2012-0461 1 Mozilla 4 Firefox, Seamonkey, Thunderbird and 1 more 2026-06-16 7.5 HIGH N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2012-0443 1 Mozilla 3 Firefox, Seamonkey, Thunderbird 2026-06-16 10.0 HIGH N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2012-0442 4 Debian, Mozilla, Opensuse and 1 more 8 Debian Linux, Firefox, Seamonkey and 5 more 2026-06-16 9.3 HIGH N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2012-0435 1 Suse 1 Webyast 2026-06-16 5.8 MEDIUM N/A
SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify the hosts list, and subsequently conduct man-in-the-middle attacks, via a crafted /host request on TCP port 4984.
CVE-2012-0430 1 Microfocus 1 Edirectory 2026-06-16 6.4 MEDIUM N/A
Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors.
CVE-2012-0420 1 Opensuse 1 Zypper 2026-06-16 4.4 MEDIUM N/A
zypp-refresh-wrapper in SUSE Zypper before 1.3.20 and 1.6.x before 1.6.166 allows local users to create files in arbitrary directories, or possibly have unspecified other impact, via a pathname in the ZYPP_LOCKFILE_ROOT environment variable.
CVE-2012-0418 2 Microsoft, Novell 2 Windows, Groupwise 2026-06-16 9.3 HIGH N/A
Unspecified vulnerability in the client in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted file.
CVE-2012-0411 1 Novell 1 Iprint 2026-06-16 10.0 HIGH N/A
Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arbitrary code via an op-client-interface-version action.
CVE-2012-0392 1 Apache 1 Struts 2026-06-16 6.8 MEDIUM N/A
The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.
CVE-2012-0376 1 Cisco 1 Unified Communications Manager 2026-06-16 5.0 MEDIUM N/A
The voice-sipstack component in Cisco Unified Communications Manager (CUCM) 8.5 allows remote attackers to cause a denial of service (core dump) via vectors involving SIP messages that arrive after an upgrade, aka Bug ID CSCtj87367.
CVE-2012-0321 1 Kingsoft 1 Internet Security 2026-06-16 2.1 LOW N/A
Unspecified vulnerability in the device driver in Kingsoft Internet Security 2011 allows local users to cause a denial of service via a crafted application.
CVE-2012-0320 1 Sixapart 1 Movable Type 2026-06-16 7.5 HIGH N/A
Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the (1) commenting feature and (2) community script.
CVE-2012-0290 1 Symantec 3 Altiris Client Management Suite Pcanywhere Solution, Altiris Deployment Solution Remote Pcanywhere Solution, Pcanywhere 2026-06-16 10.0 HIGH N/A
Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) do not properly handle the client state after abnormal termination of a remote session, which allows remote attackers to obtain access to the client by leveraging an "open client session."
CVE-2012-0208 1 Oracle 1 Sun Products Suite 2026-06-16 9.0 HIGH N/A
Unspecified vulnerability in the Oracle Grid Engine component in Oracle Sun Products Suite 6.1 and 6.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to qrsh.
CVE-2012-0200 1 Ibm 1 Soliddb 2026-06-16 4.0 MEDIUM N/A
The server in IBM solidDB 6.5 before Interim Fix 6 does not properly initialize data structures, which allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a redundant WHERE condition.
CVE-2012-0194 1 Ibm 1 Aix 2026-06-16 7.1 HIGH N/A
The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large Send Offload option is enabled, allows remote attackers to cause a denial of service (assertion failure and panic) via an unspecified series of packets.
CVE-2012-0190 1 Ibm 2 Spss Data Collection, Spss Dimensions 2026-06-16 9.3 HIGH N/A
Unspecified vulnerability in the Render method in the ExportHTML.ocx ActiveX control in ExportHTML.dll in IBM SPSS Dimensions 5.5 and SPSS Data Collection 5.6, 6.0, and 6.0.1 allows remote attackers to execute arbitrary code via a crafted HTML document.