Total
347683 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4289 | 4 Opensuse, Redhat, Sun and 1 more | 4 Opensuse, Enterprise Linux, Sunos and 1 more | 2026-04-29 | 3.3 LOW | N/A |
| epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries. | |||||
| CVE-2010-1849 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2026-04-29 | 5.0 MEDIUM | N/A |
| The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length. | |||||
| CVE-2013-0365 | 1 Oracle | 1 Siebel Crm | 2026-04-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Security. | |||||
| CVE-2012-3548 | 1 Wireshark | 1 Wireshark | 2026-04-29 | 4.3 MEDIUM | N/A |
| The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file. | |||||
| CVE-2013-2822 | 1 Novatech | 6 Orion5 Dnp Master, Orion5 Dnp Slave, Orion5r Dnp Master and 3 more | 2026-04-29 | 4.7 MEDIUM | N/A |
| NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow physically proximate attackers to cause a denial of service (driver crash and process restart) via crafted input over a serial line. | |||||
| CVE-2011-1500 | 1 Kevinmehall | 1 Pithos | 2026-04-29 | 2.1 LOW | N/A |
| PreferencesPithosDialog.py in Pithos 0.3.7 does not properly restrict permissions for the .config/pithos.ini file in a user's home directory, which allows local users to obtain Pandora credentials by reading this file. | |||||
| CVE-2010-0571 | 1 Cisco | 1 Digital Media Manager | 2026-04-29 | 8.5 HIGH | N/A |
| Unspecified vulnerability in Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x allows remote authenticated users to gain privileges via unknown vectors, and consequently execute arbitrary code via a crafted web application, aka Bug ID CSCtc46008. | |||||
| CVE-2014-0739 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-04-29 | 4.3 MEDIUM | N/A |
| Race condition in the Phone Proxy component in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to bypass sec_db authentication and provide certain pass-through services to untrusted devices via a crafted configuration-file TFTP request, aka Bug ID CSCuj66766. | |||||
| CVE-2013-3336 | 1 Adobe | 1 Coldfusion | 2026-04-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2010-2481 | 1 Libtiff | 1 Libtiff | 2026-04-29 | 4.3 MEDIUM | N/A |
| The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file. | |||||
| CVE-2010-5009 | 1 Ut-files | 1 Utstats | 2026-04-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in UTStats Beta 4 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter in a matchp action. | |||||
| CVE-2011-4815 | 1 Ruby-lang | 1 Ruby | 2026-04-29 | 7.8 HIGH | N/A |
| Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. | |||||
| CVE-2011-4143 | 1 Rsa | 1 Envision | 2026-04-29 | 5.0 MEDIUM | N/A |
| EMC RSA enVision 4.0 before SP4 P5 and 4.1 before P3 allows remote attackers to obtain sensitive information about environment variables in the web system via unspecified vectors. | |||||
| CVE-2011-0995 | 2 Novell, Rubyforge | 2 Suse Linux Enterprise, Rubygem-sqlite3 | 2026-04-29 | 2.1 LOW | N/A |
| The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE) 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | |||||
| CVE-2013-3254 | 2 Wordpress, Wppa.opajaap | 2 Wordpress, Wp-photo-album-plus | 2026-04-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the WP Photo Album Plus plugin before 5.0.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the commentid parameter in a wppa_manage_comments edit action. | |||||
| CVE-2011-0791 | 1 Oracle | 1 E-business Suite | 2026-04-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Data Export. | |||||
| CVE-2011-1545 | 1 Hp | 1 Insight Control Performance Management | 2026-04-29 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before 6.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2010-0604 | 1 Cisco | 1 Pgw 2200 Softswitch | 2026-04-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via unknown SIP traffic, as demonstrated by "SIP testing," aka Bug ID CSCsk38165. | |||||
| CVE-2012-2020 | 1 Hp | 1 Operations Agent | 2026-04-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326. | |||||
| CVE-2013-3959 | 1 Siemens | 2 Simatic Pcs7, Wincc | 2026-04-29 | 4.0 MEDIUM | N/A |
| The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different behavior for NetBIOS user names depending on whether the user account exists, which allows remote authenticated users to enumerate account names via crafted URL parameters. | |||||