Total
31956 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1541 | 2 Oracle, Sun | 4 Jdk, Jre, Jdk and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that the issue is due to an interaction error in between the JRE plug-in for WebKit-based browsers and the Javascript engine, which allows remote attackers to execute arbitrary code by modifying DOM nodes that contain applet elements in a way that triggers an incorrect reference count and a use after free. | |||||
| CVE-2010-1578 | 1 Cisco | 17 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 14 more | 2025-04-11 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc77567. | |||||
| CVE-2011-0464 | 1 Novell | 1 Vibe Onprem | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2011-0782 | 2 Apple, Google | 2 Macos, Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
| Google Chrome before 9.0.597.84 on Mac OS X does not properly mitigate an unspecified flaw in the Mac OS X 10.5 SSL libraries, which allows remote attackers to cause a denial of service (application crash) via unknown vectors. | |||||
| CVE-2011-2680 | 1 Ibm | 1 Rational Doors Web Access | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 has unknown impact and remote attack vectors related to the "server error response." | |||||
| CVE-2013-0412 | 1 Sun | 1 Sunos | 2025-04-11 | 3.6 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect integrity and availability via unknown vectors related to Utility/pax. | |||||
| CVE-2011-0855 | 1 Oracle | 1 Industry Applications | 2025-04-11 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the InForm component in Oracle Industry Applications 4.5, 4.6, and 5.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Core. | |||||
| CVE-2010-3563 | 1 Sun | 2 Jdk, Jre | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to "how Web Start retrieves security policies," BasicServiceImpl, and forged policies that bypass sandbox restrictions. | |||||
| CVE-2012-1774 | 1 Gomlab | 1 Gom Media Player | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Open URL feature in Gretech GOM Media Player before 2.1.39.5101 has unknown impact and attack vectors, a different vulnerability than CVE-2007-5779 and CVE-2012-1264. | |||||
| CVE-2010-3992 | 1 Hp | 2 Insight Control Server Migration, Insight Control Server Migration6.0.1 | 2025-04-11 | 9.0 HIGH | N/A |
| Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2012-2006 | 2 Hp, Microsoft | 4 Insight Management Agents, Windows 2003 Server, Windows Server 2003 and 1 more | 2025-04-11 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to modify data or cause a denial of service via unknown vectors. | |||||
| CVE-2012-3141 | 1 Oracle | 1 Financial Services Software | 2025-04-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, and 11.0.0 through 11.2.0 allows remote authenticated users to affect integrity, related to BASE, a different vulnerability than CVE-2012-3227. | |||||
| CVE-2010-1731 | 2 Google, Htc | 2 Chrome, Hero | 2025-04-11 | 4.3 MEDIUM | N/A |
| Google Chrome on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop. | |||||
| CVE-2012-2802 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the ac3_decode_frame function in libavcodec/ac3dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "number of output channels" and "out of array writes." | |||||
| CVE-2012-3280 | 1 Hp | 2 Nonstop Server, Nonstop Server Software | 2025-04-11 | 6.3 MEDIUM | N/A |
| Multiple unspecified vulnerabilities on HP NonStop Servers H06.x and J06.x allow remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via an OSS Remote Operation over an Expand connection. | |||||
| CVE-2013-5457 | 1 Ibm | 1 Java | 2025-04-11 | 9.3 HIGH | N/A |
| Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2010-4417 | 1 Oracle | 1 Beehive | 2025-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Services for Beehive component in Oracle Fusion Middleware 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, and 2.0.1.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that voice-servlet/prompt-qa/Index.jspf does not properly handle null (%00) bytes in the evaluation parameter that is used in a filename, which allows attackers to create a file with an executable extension and execute arbitrary JSP code. | |||||
| CVE-2012-0004 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-11 | 9.3 HIGH | N/A |
| Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file, related to Quartz.dll, Qdvd.dll, closed captioning, and the Line21 DirectShow filter, aka "DirectShow Remote Code Execution Vulnerability." | |||||
| CVE-2011-3462 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | 5.0 MEDIUM | N/A |
| Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a different vulnerability than CVE-2010-1803. | |||||
| CVE-2013-1708 | 1 Mozilla | 2 Firefox, Seamonkey | 2025-04-11 | 4.3 MEDIUM | N/A |
| Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (application crash) via a crafted WAV file that is not properly handled by the nsCString::CharAt function. | |||||