Total
10428 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-0712 | 1 Windriver | 1 Vxworks | 2025-04-11 | 6.8 MEDIUM | N/A |
| IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted packet. | |||||
| CVE-2013-4353 | 1 Openssl | 1 Openssl | 2025-04-11 | 4.3 MEDIUM | N/A |
| The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake. | |||||
| CVE-2010-0296 | 1 Gnu | 1 Glibc | 2025-04-11 | 7.2 HIGH | N/A |
| The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request. | |||||
| CVE-2011-0087 | 1 Microsoft | 5 Windows 2003 Server, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-11 | 7.2 HIGH | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Insufficient User Input Validation Vulnerability." | |||||
| CVE-2012-1817 | 1 Emerson | 3 Deltav, Deltav Proessentials Scientific Graph, Deltav Workstation | 2025-04-11 | 7.5 HIGH | N/A |
| Buffer overflow in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via an invalid field in a project file. | |||||
| CVE-2010-3626 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-11 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted font, a different vulnerability than CVE-2010-2889. | |||||
| CVE-2013-6003 | 1 Cybozu | 1 Garoon | 2025-04-11 | 3.5 LOW | N/A |
| CRLF injection vulnerability in Cybozu Garoon 3.1 through 3.5 SP5, when Phone Messages forwarding is enabled, allows remote authenticated users to inject arbitrary e-mail headers via unspecified vectors. | |||||
| CVE-2013-0669 | 1 Siemens | 1 Wincc Tia Portal | 2025-04-11 | 4.0 MEDIUM | N/A |
| The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request. | |||||
| CVE-2010-4042 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 7.5 HIGH | 9.8 CRITICAL |
| Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements." | |||||
| CVE-2011-0067 | 1 Mozilla | 2 Firefox, Seamonkey | 2025-04-11 | 5.0 MEDIUM | N/A |
| Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls. | |||||
| CVE-2011-4138 | 1 Djangoproject | 1 Django | 2025-04-11 | 5.0 MEDIUM | N/A |
| The verify_exists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 originally tests a URL's validity through a HEAD request, but then uses a GET request for the new target URL in the case of a redirect, which might allow remote attackers to trigger arbitrary GET requests with an unintended source IP address via a crafted Location header. | |||||
| CVE-2012-3443 | 1 Djangoproject | 1 Django | 2025-04-11 | 5.0 MEDIUM | N/A |
| The django.forms.ImageField class in the form system in Django before 1.3.2 and 1.4.x before 1.4.1 completely decompresses image data during image validation, which allows remote attackers to cause a denial of service (memory consumption) by uploading an image file. | |||||
| CVE-2013-2813 | 1 Cooperindustries | 3 Smp 16 Gateway \(data Concentrator\), Smp 4\/dp Gateway \(data Concentrator\), Smp 4 Gateway \(data Concentrator\) | 2025-04-11 | 7.1 HIGH | N/A |
| The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 gateways allows remote attackers to cause a denial of service (reboot or link outage) via a crafted DNP3 TCP packet. | |||||
| CVE-2013-0213 | 1 Samba | 1 Samba | 2025-04-11 | 5.1 MEDIUM | N/A |
| The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element. | |||||
| CVE-2011-3063 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
| Google Chrome before 18.0.1025.142 does not properly validate the renderer's navigation requests, which has unspecified impact and remote attack vectors. | |||||
| CVE-2011-1849 | 1 Hp | 1 Intelligent Management Center | 2025-04-11 | 10.0 HIGH | N/A |
| tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to create or overwrite files, and subsequently execute arbitrary code, via a crafted WRQ request. | |||||
| CVE-2013-6959 | 1 Cisco | 1 Webex Sales Center | 2025-04-11 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in Cisco WebEx Sales Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul25557. | |||||
| CVE-2012-2733 | 1 Apache | 1 Tomcat | 2025-04-11 | 5.0 MEDIUM | N/A |
| java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data. | |||||
| CVE-2010-4048 | 1 Opera | 1 Opera Browser | 2025-04-11 | 4.3 MEDIUM | N/A |
| Opera before 10.63 allows user-assisted remote web servers to cause a denial of service (application crash) by sending a redirect during the saving of a file. | |||||
| CVE-2013-4354 | 1 Openstack | 1 Image Registry And Delivery Service \(glance\) | 2025-04-11 | 2.1 LOW | N/A |
| The API before 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image. | |||||