Total: 11772 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4921 | 1 Cisco | 1 Asa 5580 | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (traceback) via malformed TCP packets, aka Bug ID CSCsm84110. | |||||
| CVE-2012-5968 | 1 Huawei | 2 E585, E585u-82 | 2025-04-11 | 4.8 MEDIUM | N/A |
| The Huawei E585 device does not validate the status of admin sessions, which allows remote attackers to obtain sensitive user information and the session ID, and modify data, by leveraging access to the LAN network. | |||||
| CVE-2013-0857 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 9.3 HIGH | N/A |
| The decode_frame_ilbm function in libavcodec/iff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted height value in IFF PBM/ILBM bitmap data. | |||||
| CVE-2012-0060 | 1 Rpm | 1 Rpm | 2025-04-11 | 6.8 MEDIUM | N/A |
| RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function. | |||||
| CVE-2010-2021 | 2 Drupal, Nicholasthompson | 2 Drupal, Global Redirect | 2025-04-11 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in the Global Redirect module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.4 for Drupal, when non-clean to clean is enabled, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter. | |||||
| CVE-2010-0686 | 1 Vmware | 3 Esx Server, Server, Virtualcenter | 2025-04-11 | 7.5 HIGH | N/A |
| WebAccess in VMware VirtualCenter 2.0.2 and 2.5, VMware Server 2.0, and VMware ESX 3.0.3 and 3.5 allows remote attackers to leverage proxy-server functionality to spoof the origin of requests via unspecified vectors, related to a "URL forwarding vulnerability." | |||||
| CVE-2013-2792 | 1 Selinc | 4 Sel-2241, Sel-3505, Sel-3530 and 1 more | 2025-04-11 | 7.1 HIGH | N/A |
| Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet. | |||||
| CVE-2011-0413 | 1 Isc | 1 Dhcp | 2025-04-11 | 7.8 HIGH | N/A |
| The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address. | |||||
| CVE-2009-5136 | 2 Condor Project, Redhat | 2 Condor, Enterprise Mrg | 2025-04-11 | 4.0 MEDIUM | N/A |
| The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job. | |||||
| CVE-2012-0840 | 1 Apache | 1 Portable Runtime | 2025-04-11 | 5.0 MEDIUM | N/A |
| tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. | |||||
| CVE-2013-7269 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.9 MEDIUM | N/A |
| The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. | |||||
| CVE-2012-4085 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | 5.0 MEDIUM | N/A |
| The Intelligent Platform Management Interface (IPMI) implementation in the Blade Management Controller in Cisco Unified Computing System (UCS) allows remote attackers to enumerate valid usernames by observing IPMI interface responses, aka Bug ID CSCtg20761. | |||||
| CVE-2013-2818 | 1 Alstom | 1 E-terracontrol | 2025-04-11 | 4.7 MEDIUM | N/A |
| The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 3.7 allows physically proximate attackers to cause a denial of service (infinite loop and DNP3 service disruption) via crafted input over a serial line. | |||||
| CVE-2012-4672 | 1 Apple | 1 Ichat Server | 2025-04-11 | 5.8 MEDIUM | N/A |
| Apple iChat Server does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted. | |||||
| CVE-2002-2433 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 4.0 MEDIUM | N/A |
| NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command. | |||||
| CVE-2013-5394 | 1 Ibm | 1 Websphere Extreme Scale | 2025-04-11 | 4.9 MEDIUM | N/A |
| The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to conduct phishing attacks via unspecified vectors. | |||||
| CVE-2012-5823 | 1 Opensourceclassifieds | 1 Opensourceclassifieds | 2025-04-11 | 5.8 MEDIUM | N/A |
| Open Source Classifieds does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the PHP fsockopen function. | |||||
| CVE-2011-0531 | 1 Videolan | 1 Vlc Media Player | 2025-04-11 | 9.3 HIGH | N/A |
| demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to "class mismatching" and the MKV_IS_ID macro. | |||||
| CVE-2013-4353 | 1 Openssl | 1 Openssl | 2025-04-11 | 4.3 MEDIUM | N/A |
| The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake. | |||||
| CVE-2010-4819 | 1 X | 1 X.org-xserver | 2025-04-11 | 3.6 LOW | N/A |
| The ProcRenderAddGlyphs function in the Render extension (render/render.c) in X.Org xserver 1.7.7 and earlier allows local users to read arbitrary memory and possibly cause a denial of service (server crash) via unspecified vectors related to an "input sanitization flaw." | |||||
