Total
31918 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-0883 | 1 Oracle | 1 Sun Products Suite | 2025-04-11 | 2.1 LOW | N/A |
Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite, a different vulnerability than CVE-2010-0884. | |||||
CVE-2013-2274 | 2 Puppet, Puppetlabs | 3 Puppet, Puppet Enterprise, Puppet | 2025-04-11 | 6.5 MEDIUM | N/A |
Puppet 2.6.x before 2.6.18 and Puppet Enterprise 1.2.x before 1.2.7 allows remote authenticated users to execute arbitrary code on the puppet master, or an agent with puppet kick enabled, via a crafted request for a report. | |||||
CVE-2012-1754 | 1 Oracle | 1 Siebel Crm | 2025-04-11 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Framework, a different vulnerability than CVE-2012-1732. | |||||
CVE-2013-1509 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2, 11.1.1.6.0, and 11.1.1.6.1 allows remote authenticated users to affect integrity via unknown vectors related to WebCenter Sites. | |||||
CVE-2011-4927 | 1 Redmine | 1 Redmine | 2025-04-11 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the bazaar repository adapter in Redmine 1.0.x before 1.0.5 allows remote authenticated users to obtain sensitive information via unknown vectors. | |||||
CVE-2013-5804 | 2 Oracle, Sun | 5 Jdk, Jre, Jrockit and 2 more | 2025-04-11 | 6.4 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc. | |||||
CVE-2010-3656 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-11 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3657. | |||||
CVE-2010-2884 | 4 Adobe, Apple, Google and 1 more | 6 Acrobat, Acrobat Reader, Flash Player and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. | |||||
CVE-2012-6336 | 1 Lookout | 1 Lookout | 2025-04-11 | 3.3 LOW | N/A |
The Missing Device feature in Lookout allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer." | |||||
CVE-2013-0471 | 1 Ibm | 1 Tivoli Storage Manager | 2025-04-11 | 4.3 MEDIUM | N/A |
The traditional scheduler in the client in IBM Tivoli Storage Manager (TSM) before 6.2.5.0, 6.3 before 6.3.1.0, and 6.4 before 6.4.0.1, when Prompted mode is enabled, allows remote attackers to cause a denial of service (scheduling outage) via unspecified vectors. | |||||
CVE-2011-2995 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-11 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
CVE-2013-0376 | 1 Oracle | 1 E-business Suite | 2025-04-11 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Diagnostics. | |||||
CVE-2012-1706 | 1 Oracle | 1 Financial Services Software | 2025-04-11 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Logging. | |||||
CVE-2010-4482 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to bypass the pop-up blocker via unknown vectors. | |||||
CVE-2012-3186 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Advanced UI, a different vulnerability than CVE-2012-3183 and CVE-2012-3185. | |||||
CVE-2012-1698 | 1 Sun | 1 Sunos | 2025-04-11 | 2.1 LOW | N/A |
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote authenticated users to affect confidentiality, related to Kernel/GLD. | |||||
CVE-2013-0260 | 2 Drupal, Elliot Pahl | 2 Drupal, Drush Debian Packaging | 2025-04-11 | 2.1 LOW | N/A |
Unspecified vulnerability in the Drush Debian Packaging module for Drupal allows local users to obtain database credentials via unknown vectors. | |||||
CVE-2011-2310 | 1 Oracle | 1 Sun Products Suite | 2025-04-11 | 7.5 HIGH | N/A |
Unspecified vulnerability in the Oracle Waveset component in Oracle Sun Products Suite 8.1.0 and 8.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to User Administration. | |||||
CVE-2011-1176 | 3 Apache, Debian, Mpm-itk Project | 3 Http Server, Debian Linux, Mpm-itk | 2025-04-11 | 4.3 MEDIUM | N/A |
The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process. | |||||
CVE-2010-3256 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
Google Chrome before 6.0.472.53 does not properly limit the number of stored autocomplete entries, which has unspecified impact and attack vectors. |