ReportizFlow
Filtered by vendor
Subscriptions
Total
13163 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-1472 | 1 Vmware | 1 Vcenter Chargeback Manager | 2025-04-11 | N/A |
| VMware vCenter Chargeback Manager (aka CBM) before 2.0.1 does not properly handle XML API requests, which allows remote attackers to read arbitrary files or cause a denial of service via unspecified vectors. | ||||
| CVE-2013-4248 | 3 Canonical, Php, Redhat | 3 Ubuntu Linux, Php, Enterprise Linux | 2025-04-11 | N/A |
| The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | ||||
| CVE-2010-0603 | 1 Cisco | 1 Pgw 2200 Softswitch | 2025-04-11 | N/A |
| The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via a malformed session attribute, aka Bug ID CSCsk40030. | ||||
| CVE-2012-1103 | 2 Gnu, Notmuchmail | 2 Emacs, Notmuch | 2025-04-11 | N/A |
| emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message. | ||||
| CVE-2012-5148 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| The hyphenation functionality in Google Chrome before 24.0.1312.52 does not properly validate file names, which has unspecified impact and attack vectors. | ||||
| CVE-2013-3861 | 1 Microsoft | 1 .net Framework | 2025-04-11 | N/A |
| Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 allows remote attackers to cause a denial of service (application crash or hang) via crafted character sequences in JSON data, aka "JSON Parsing Vulnerability." | ||||
| CVE-2010-1237 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via an empty SVG element. | ||||
| CVE-2012-0267 | 1 Ntrglobal | 1 Ntr Activex Control | 2025-04-11 | N/A |
| The StopModule method in the NTR ActiveX control before 2.0.4.8 allows remote attackers to execute arbitrary code via a crafted lModule parameter that triggers use of an arbitrary memory address as a function pointer. | ||||
| CVE-2010-3704 | 5 Foolabs, Glyphandcog, Kde and 2 more | 5 Xpdf, Xpdfreader, Kdegraphics and 2 more | 2025-04-11 | N/A |
| The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption. | ||||
| CVE-2012-2270 | 1 Owncloud | 2 Owncloud, Owncloud Server | 2025-04-11 | N/A |
| Open redirect vulnerability in index.php (aka the Login Page) in ownCloud before 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter. | ||||
| CVE-2013-6048 | 1 Munin-monitoring | 1 Munin | 2025-04-11 | N/A |
| The get_group_tree function in lib/Munin/Master/HTMLConfig.pm in Munin before 2.0.18 allows remote nodes to cause a denial of service (infinite loop and memory consumption in the munin-html process) via crafted multigraph data. | ||||
| CVE-2012-5610 | 1 Owncloud | 2 Owncloud, Owncloud Server | 2025-04-11 | N/A |
| Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud before 4.0.9 and 4.5.x before 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a special crafted name. | ||||
| CVE-2011-0485 | 1 Google | 2 Chrome, Chrome Os | 2025-04-11 | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "stale pointer." | ||||
| CVE-2012-4076 | 1 Cisco | 1 Nx-os | 2025-04-11 | N/A |
| Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in a command that calls the system library function, aka Bug IDs CSCtf23559 and CSCtf27780. | ||||
| CVE-2012-2882 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| FFmpeg, as used in Google Chrome before 22.0.1229.79, does not properly handle OGG containers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "wild pointer" issue. | ||||
| CVE-2012-4079 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | N/A |
| The XML API service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service (API service outage) via a malformed XML document in a packet, aka Bug ID CSCtg48206. | ||||
| CVE-2013-1828 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the Linux kernel before 3.8.4 does not validate a size value before proceeding to a copy_from_user operation, which allows local users to gain privileges via a crafted application that contains an SCTP_GET_ASSOC_STATS getsockopt system call. | ||||
| CVE-2013-7263 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-11 | N/A |
| The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c. | ||||
| CVE-2011-1538 | 1 Hp | 1 Proliant Support Pack | 2025-04-11 | N/A |
| Open redirect vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote authenticated users to redirect other users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2012-4085 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | N/A |
| The Intelligent Platform Management Interface (IPMI) implementation in the Blade Management Controller in Cisco Unified Computing System (UCS) allows remote attackers to enumerate valid usernames by observing IPMI interface responses, aka Bug ID CSCtg20761. | ||||