Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 35849 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-0063 1 Tucaneando 1 Tucan 2026-06-16 6.8 MEDIUM 8.1 HIGH
Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man-in-the-middle attacks and execute arbitrary code ith the permissions of the user running tucan.
CVE-2012-0053 5 Apache, Debian, Opensuse and 2 more 12 Http Server, Debian Linux, Opensuse and 9 more 2026-06-16 4.3 MEDIUM N/A
protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script.
CVE-2012-0031 5 Apache, Debian, Opensuse and 2 more 13 Http Server, Debian Linux, Opensuse and 10 more 2026-06-16 4.6 MEDIUM N/A
scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function.
CVE-2012-0004 1 Microsoft 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more 2026-06-16 9.3 HIGH N/A
Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file, related to Quartz.dll, Qdvd.dll, closed captioning, and the Line21 DirectShow filter, aka "DirectShow Remote Code Execution Vulnerability."
CVE-2012-0003 1 Microsoft 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more 2026-06-16 9.3 HIGH 8.1 HIGH
Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MIDI file, aka "MIDI Remote Code Execution Vulnerability."
CVE-2011-5331 1 Distributed Ruby Project 1 Distributed Ruby 2026-06-16 7.5 HIGH 9.8 CRITICAL
Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval.
CVE-2011-5330 1 Distributed Ruby Project 1 Distributed Ruby 2026-06-16 7.5 HIGH 9.8 CRITICAL
Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls.
CVE-2011-5274 1 Gplhost 1 Domain Technologie Control 2026-06-16 7.5 HIGH N/A
The drawAdminTools_PackageInstaller function in shared/inc/forms/packager.php in Domain Technologie Control (DTC) before 0.32.11 allows remote attackers to execute arbitrary commands via shell metacharacters in the dtcpkg_directory parameter in a do_install action to dtc/.
CVE-2011-5254 2 Connections Project, Wordpress 2 Connections, Wordpress 2026-06-16 10.0 HIGH N/A
Unspecified vulnerability in the Connections plugin before 0.7.1.6 for WordPress has unknown impact and attack vectors.
CVE-2011-5133 1 Mybb 1 Mybb 2026-06-16 10.0 HIGH N/A
Unspecified vulnerability in MyBB before 1.6.5 has unknown impact and attack vectors, related to an "unparsed user avatar in the buddy list."
CVE-2011-5120 1 Comodo 1 Comodo Internet Security 2026-06-16 4.3 MEDIUM N/A
The Antivirus component in Comodo Internet Security before 5.4.189822.1355 allows remote attackers to cause a denial of service (application crash) via a crafted .PST file.
CVE-2011-5087 1 Adastra 1 Trace Mode Data Center 2026-06-16 5.0 MEDIUM N/A
Unspecified vulnerability in AdAstrA TRACE MODE Data Center allows remote attackers to read arbitrary files via unknown vectors, as demonstrated by the GLEG Agora SCADA+ Exploit Pack for Immunity CANVAS.
CVE-2011-5085 1 Sixapart 1 Movable Type 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attackers to read or modify data via unknown vectors.
CVE-2011-5075 1 Sitracker 1 Support Incident Tracker 2026-06-16 5.0 MEDIUM N/A
translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to obtain sensitive information via a direct request using the save action, which reveals the installation path.
CVE-2011-4963 2 F5, Microsoft 2 Nginx, Windows 2026-06-16 5.0 MEDIUM N/A
nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
CVE-2011-4943 1 Impresspages 1 Impresspages Cms 2026-06-16 7.5 HIGH 9.8 CRITICAL
ImpressPages CMS v1.0.12 has Unspecified Remote Code Execution (fixed in v1.0.13)
CVE-2011-4941 1 Matomo 1 Matomo 2026-06-16 6.8 MEDIUM N/A
Unspecified vulnerability in Piwik 1.2 through 1.4 allows remote attackers with the view permission to execute arbitrary code via unknown attack vectors.
CVE-2011-4929 1 Redmine 1 Redmine 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in the bazaar repository adapter in Redmine 0.9.x and 1.0.x before 1.0.5 allows remote attackers to execute arbitrary commands via unknown vectors.
CVE-2011-4927 1 Redmine 1 Redmine 2026-06-16 4.0 MEDIUM N/A
Unspecified vulnerability in the bazaar repository adapter in Redmine 1.0.x before 1.0.5 allows remote authenticated users to obtain sensitive information via unknown vectors.
CVE-2011-4917 1 Linux 1 Linux Kernel 2026-06-16 2.1 LOW 5.5 MEDIUM
In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat.