Export limit exceeded: 74853 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74853 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-4980 | 1 Toshiba | 1 Configfree Utility | 2024-11-21 | 7.8 High |
| Multiple stack-based buffer overflows in CFProfile.exe in Toshiba ConfigFree Utility 8.0.38 allow user-assisted attackers to execute arbitrary code. | ||||
| CVE-2012-4761 | 1 Safend | 1 Data Protector Agent | 2024-11-21 | 7.8 High |
| A Privilege Escalation vulnerability exists in the unquoted Service Binary in SDPAgent or SDBAgent in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges. | ||||
| CVE-2012-4760 | 1 Safend | 1 Data Protector Agent | 2024-11-21 | 7.8 High |
| A Privilege Escalation vulnerability exists in the SDBagent service in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges. | ||||
| CVE-2012-4606 | 1 Citrix | 1 Xenserver | 2024-11-21 | 7.8 High |
| Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges. | ||||
| CVE-2012-4603 | 2 Citrix, Microsoft | 3 Receiver, Xenapp Online, Windows | 2024-11-21 | 7.8 High |
| Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver. | ||||
| CVE-2012-4576 | 2 Debian, Freebsd | 2 Debian Linux, Freebsd | 2024-11-21 | 7.8 High |
| FreeBSD: Input Validation Flaw allows local users to gain elevated privileges | ||||
| CVE-2012-4524 | 2 Fedoraproject, Sillycycle | 2 Fedora, Xlockmore | 2024-11-21 | 7.5 High |
| xlockmore before 5.43 'dclock' security bypass vulnerability | ||||
| CVE-2012-4512 | 2 Kde, Redhat | 5 Kde, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2024-11-21 | 8.8 High |
| The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion." | ||||
| CVE-2012-4480 | 2 Fedoraproject, Ovirt | 2 Fedora, Mom | 2024-11-21 | 7.8 High |
| mom creates world-writable pid files in /var/run | ||||
| CVE-2012-4438 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 8.8 High |
| Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code. | ||||
| CVE-2012-4434 | 1 Cipherdyne | 1 Fwknop | 2024-11-21 | 8.8 High |
| fwknop before 2.0.3 allow remote authenticated users to cause a denial of service (server crash) or possibly execute arbitrary code. | ||||
| CVE-2012-4428 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-21 | 7.5 High |
| openslp: SLPIntersectStringList()' Function has a DoS vulnerability | ||||
| CVE-2012-4420 | 1 Oracle | 1 Jdk | 2024-11-21 | 7.5 High |
| An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation of Java SE 7 as provided by OpenJDK 7 incorrectly initialized integer arrays after memory allocation (in certain circumstances they had nonzero elements right after the allocation). A remote attacker could use this flaw to obtain potentially sensitive information. | ||||
| CVE-2012-4383 | 1 Contao | 1 Contao | 2024-11-21 | 8.8 High |
| contao prior to 2.11.4 has a sql injection vulnerability | ||||
| CVE-2012-4381 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | 8.1 High |
| MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remote attackers to use old passwords for non-existing accounts in an external authentication system via unspecified vectors. | ||||
| CVE-2012-4030 | 1 Chamilo | 1 Chamilo Lms | 2024-11-21 | 7.5 High |
| Chamilo before 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote attackers to delete arbitrary files. | ||||
| CVE-2012-3824 | 1 Arialsoftware | 1 Campaign Enterprise | 2024-11-21 | 7.5 High |
| In Arial Campaign Enterprise before 11.0.551, multiple pages are accessible without authentication or authorization. | ||||
| CVE-2012-3823 | 1 Arialsoftware | 1 Campaign Enterprise | 2024-11-21 | 7.5 High |
| Arial Campaign Enterprise before 11.0.551 stores passwords in clear text and these may be retrieved. | ||||
| CVE-2012-3822 | 1 Arialsoftware | 1 Campaign Enterprise | 2024-11-21 | 7.5 High |
| Arial Campaign Enterprise before 11.0.551 has unauthorized access to the User-Edit.asp page, which allows remote attackers to enumerate users' credentials. | ||||
| CVE-2012-3810 | 1 Samsung | 1 Kies | 2024-11-21 | 7.5 High |
| Samsung Kies before 2.5.0.12094_27_11 has registry modification. | ||||