Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-2224 | 1 Redhat | 1 Enterprise Linux | 2025-04-11 | 6.9 MEDIUM | N/A |
| A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows local users to cause a denial of service (invalid free operation and system crash) or possibly gain privileges via a sendmsg system call with the IP_RETOPTS option, as demonstrated by hemlock.c. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-3552. | |||||
| CVE-2010-0618 | 1 Lexmark | 1 Z2420 | 2025-04-11 | 5.0 MEDIUM | N/A |
| The flood-protection feature in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser and inkjet printers and MarkNet devices allows remote attackers to cause a denial of service (TCP outage) by making many passive FTP connections and then aborting these connections. | |||||
| CVE-2010-5218 | 1 Dupehunter | 1 Dupehunter | 2025-04-11 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Dupehunter 9.0.0.3911 allows local users to gain privileges via a Trojan horse Fwpuclnt.dll file in the current working directory, as demonstrated by a directory that contains a .dhjb file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-3361 | 1 Shrew | 1 Vpn Client | 2025-04-11 | 6.9 MEDIUM | N/A |
| The (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2012-6509 | 1 Netartmedia | 1 Car Portal | 2025-04-11 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote attackers to execute arbitrary PHP code by uploading a file a double extension, as demonstrated by .php%00.jpg. | |||||
| CVE-2010-5253 | 1 Winimage | 1 Winimage | 2025-04-11 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in WinImage 8.50 allows local users to gain privileges via a Trojan horse wnaspi32.dll file in the current working directory, as demonstrated by a directory that contains a .imz file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-3066 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 4.9 MEDIUM | N/A |
| The io_submit_one function in fs/aio.c in the Linux kernel before 2.6.23 allows local users to cause a denial of service (NULL pointer dereference) via a crafted io_submit system call with an IOCB_FLAG_RESFD flag. | |||||
| CVE-2012-3895 | 1 Cisco | 1 Ios | 2025-04-11 | 6.3 MEDIUM | N/A |
| Cisco IOS 15.0 through 15.3 allows remote authenticated users to cause a denial of service (device crash) via an MVPNv6 update, aka Bug ID CSCty89224. | |||||
| CVE-2012-2826 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
| Google Chrome before 20.0.1132.43 does not properly implement texture conversion, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2012-3567 | 1 Opera | 1 Opera Browser | 2025-04-11 | 5.0 MEDIUM | N/A |
| Opera before 12.00 Beta allows remote attackers to cause a denial of service (memory consumption or application hang) via an IFRAME element that uses the src="#" syntax to embed a parent document. | |||||
| CVE-2012-1819 | 1 Wellintech | 1 Kingview | 2025-04-11 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in WellinTech KingView 6.53 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | |||||
| CVE-2012-1365 | 1 Cisco | 1 Unified Computing System Infrastructure And Unified Computing System Software | 2025-04-11 | 4.0 MEDIUM | N/A |
| Cisco Unified Computing System (UCS) 1.4 and 2.0 allows remote authenticated users to cause a denial of service (device reload) via a malformed SNMP request to a Fabric Interconnect (FI) device, aka Bug ID CSCts32463. | |||||
| CVE-2011-2493 | 1 Linux | 1 Linux Kernel | 2025-04-11 | 2.1 LOW | N/A |
| The ext4_fill_super function in fs/ext4/super.c in the Linux kernel before 2.6.39 does not properly initialize a certain error-report data structure, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem. | |||||
| CVE-2010-3145 | 1 Microsoft | 1 Windows Vista | 2025-04-11 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by a directory that contains a Windows Backup Catalog (.wbcat) file, aka "Backup Manager Insecure Library Loading Vulnerability." | |||||
| CVE-2011-3430 | 1 Apple | 1 Iphone Os | 2025-04-11 | 9.3 HIGH | N/A |
| The Settings component in Apple iOS before 5, when a configuration profile is used for a locale other than English, does not properly implement localization, which makes it easier for attackers to have an unspecified impact by leveraging incorrect configuration display. | |||||
| CVE-2010-2244 | 1 Avahi | 1 Avahi | 2025-04-11 | 4.3 MEDIUM | N/A |
| The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081. | |||||
| CVE-2010-1156 | 1 Irssi | 1 Irssi | 2025-04-11 | 4.3 MEDIUM | N/A |
| core/nicklist.c in Irssi before 0.8.15 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an attempted fuzzy nick match at the instant that a victim leaves a channel. | |||||
| CVE-2013-4160 | 1 Littlecms | 1 Little Cms Color Engine | 2025-04-11 | 5.0 MEDIUM | N/A |
| Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) cmsStageAllocLabV2ToV4curves, (2) cmsPipelineDup, (3) cmsAllocProfileSequenceDescription, (4) CurvesAlloc, and (5) cmsnamed. | |||||
| CVE-2011-5032 | 1 Winmount | 1 Winmount | 2025-04-11 | 4.9 MEDIUM | N/A |
| WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted 0x87342000 IOCTL request to the WMDriver device. | |||||
| CVE-2010-1790 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle just-in-time (JIT) compiled JavaScript stubs, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to a "reentrancy issue." | |||||