Total
347683 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-5511 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-04-29 | 10.0 HIGH | N/A |
| The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.6) does not properly implement the authentication-certificate option, which allows remote attackers to bypass authentication via a TCP session to an ASDM interface, aka Bug ID CSCuh44815. | |||||
| CVE-2013-5942 | 1 Graphite Project | 1 Graphite | 2026-04-29 | 6.8 MEDIUM | N/A |
| Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to (1) remote_storage.py, (2) storage.py, (3) render/datalib.py, and (4) whitelist/views.py, a different vulnerability than CVE-2013-5093. | |||||
| CVE-2011-2283 | 1 Oracle | 2 Peoplesoft Enterprise Fms, Peoplesoft Products | 2026-04-29 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise FMS component in Oracle PeopleSoft Products 9.0 Bundle #36 and 9.1 Bundle #13 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Payables. | |||||
| CVE-2012-0776 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2026-04-29 | 10.0 HIGH | N/A |
| The installer in Adobe Reader 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-0411 | 1 Novell | 1 Iprint | 2026-04-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arbitrary code via an op-client-interface-version action. | |||||
| CVE-2013-1853 | 1 Almanah Project | 1 Almanah | 2026-04-29 | 2.1 LOW | N/A |
| Almanah Diary 0.9.0 and 0.10.0 does not encrypt the database when closed, which allows local users to obtain sensitive information by reading the database. | |||||
| CVE-2011-0253 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2026-04-29 | 9.3 HIGH | N/A |
| WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||||
| CVE-2010-3436 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2026-04-29 | 5.0 MEDIUM | N/A |
| fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename. | |||||
| CVE-2013-2762 | 1 Schneider-electric | 1 Magelis Xbt Hmi | 2026-04-29 | 10.0 HIGH | N/A |
| The Schneider Electric Magelis XBT HMI controller has a default password for authentication of configuration uploads, which makes it easier for remote attackers to bypass intended access restrictions via crafted configuration data. | |||||
| CVE-2011-4932 | 1 Impresspages | 1 Impresspages Cms | 2026-04-29 | 7.5 HIGH | N/A |
| Eval injection vulnerability in ip_cms/modules/standard/content_management/actions.php in ImpressPages CMS 1.0.12 and possibly other versons before 1.0.13 allows remote attackers to execute arbitrary code via the cm_group parameter. | |||||
| CVE-2012-2559 | 1 Wellintech | 1 Kinghistorian | 2026-04-29 | 10.0 HIGH | N/A |
| WellinTech KingHistorian 3.0 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer write) via a crafted packet to TCP port 5678. | |||||
| CVE-2011-3322 | 1 Scadatec | 1 Procyon Scada | 2026-04-29 | 10.0 HIGH | N/A |
| Core Server HMI Service (Coreservice.exe) in Scadatec Limited Procyon SCADA 1.06, and other versions before 1.14, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password to the Telnet (TCP/23) port, which triggers an out-of-bounds read or write, leading to a stack-based buffer overflow. | |||||
| CVE-2011-3868 | 1 Vmware | 4 Ams, Fusion, Player and 1 more | 2026-04-29 | 9.3 HIGH | N/A |
| Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image. | |||||
| CVE-2013-7226 | 1 Php | 1 Php | 2026-04-29 | 6.8 MEDIUM | N/A |
| Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a heap-based buffer overflow. | |||||
| CVE-2010-0873 | 1 Oracle | 1 Timesten In-memory Database | 2026-04-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Data Server component in Oracle TimesTen In-Memory Database 7.0.6.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2011-0830 | 1 Oracle | 2 Database Server, Enterprise Manager Grid Control | 2026-04-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Event Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect integrity via unknown vectors related to Rules Management UI. | |||||
| CVE-2011-3276 | 1 Cisco | 2 Ios, Ios Xe | 2026-04-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) by sending crafted SIP packets to TCP port 5060, aka Bug ID CSCso02147. | |||||
| CVE-2011-1849 | 1 Hp | 1 Intelligent Management Center | 2026-04-29 | 10.0 HIGH | N/A |
| tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to create or overwrite files, and subsequently execute arbitrary code, via a crafted WRQ request. | |||||
| CVE-2013-5425 | 1 Ibm | 1 Websphere Virtual Enterprise | 2026-04-29 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Virtual Enterprise 6.1 before 6.1.1.6 and 7.0 before 7.0.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2010-3769 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Seamonkey and 1 more | 2026-04-29 | 9.3 HIGH | N/A |
| The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read. | |||||