Total
31890 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-0441 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-1476 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via certain methods that should not be serialized, aka "missing serialization restriction." | |||||
| CVE-2013-4776 | 1 Netgear | 5 Prosafe Firmware, Prosafe Gs510tp, Prosafe Gs724t and 2 more | 2025-04-11 | 7.8 HIGH | N/A |
| NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted HTTP request to filesystem/. | |||||
| CVE-2011-1119 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Google Chrome before 9.0.597.107 does not properly determine device orientation, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2013-5835 | 1 Oracle | 1 Siebel Crm | 2025-04-11 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Open_UI. | |||||
| CVE-2013-4041 | 1 Ibm | 1 Java | 2025-04-11 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in IBM Java SDK 5.0.0 before SR16 FP4, 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to access restricted classes via unspecified vectors. | |||||
| CVE-2012-0080 | 1 Oracle | 1 Peoplesoft Products | 2025-04-11 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Talent Acquisition Management. | |||||
| CVE-2013-2395 | 1 Oracle | 1 Mysql | 2025-04-11 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-1567. | |||||
| CVE-2012-0493 | 1 Oracle | 1 Mysql | 2025-04-11 | 2.1 LOW | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0495. | |||||
| CVE-2013-3798 | 1 Oracle | 1 Mysql | 2025-04-11 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached. | |||||
| CVE-2010-3583 | 1 Oracle | 1 Vm | 2025-04-11 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a third party researcher that this is related to the exposure of multiple unspecified functions through XML-RPC that allow execution of arbitrary OS commands. | |||||
| CVE-2011-4683 | 1 Opera | 1 Opera Browser | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Opera before 11.60 has unknown impact and attack vectors, related to a "moderately severe issue." | |||||
| CVE-2012-0925 | 1 Realnetworks | 2 Realplayer, Realplayer Sp | 2025-04-11 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RV40 RealVideo video stream. | |||||
| CVE-2012-4033 | 2 Wordpress, Zingiri | 2 Wordpress, Zingiri Web Shop | 2025-04-11 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the Zingiri Web Shop plugin before 2.4.0 for WordPress have unknown impact and attack vectors. | |||||
| CVE-2013-3753 | 1 Sun | 1 Sunos | 2025-04-11 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect availability via vectors related to Kernel/STREAMS framework. | |||||
| CVE-2010-0232 | 1 Microsoft | 3 Windows 2000, Windows 7, Windows Xp | 2025-04-11 | 7.2 HIGH | 7.8 HIGH |
| The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka "Windows Kernel Exception Handler Vulnerability." | |||||
| CVE-2010-4459 | 1 Sun | 1 Sunos | 2025-04-11 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to SCTP and Kernel/sockfs. | |||||
| CVE-2013-5819 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5818 and CVE-2013-5831. | |||||
| CVE-2013-3827 | 1 Oracle | 1 Fusion Middleware | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container. | |||||
| CVE-2010-3548 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to determine internal IP addresses or "otherwise-protected internal network names." | |||||
| CVE-2012-0528 | 1 Oracle | 2 Database Server, Enterprise Manager Grid Control | 2025-04-11 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, and 11.1.0.7, and Oracle Enterprise Manager Grid Control, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security Framework. | |||||