Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-0588 | 1 Apple | 2 Mac Os X, Quicktime | 2013-08-15 | 7.1 HIGH | N/A |
| The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function. NOTE: this issue might overlap CVE-2007-0462. | |||||
| CVE-2013-1610 | 1 Symantec | 2 Encryption Desktop, Pgp Desktop | 2013-08-05 | 6.8 MEDIUM | N/A |
| Unquoted Windows search path vulnerability in RDDService in Symantec PGP Desktop 10.0.x through 10.2.x and Symantec Encryption Desktop 10.3.0 before MP3 allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory. | |||||
| CVE-2001-1096 | 1 Ibm | 1 Aix | 2013-07-25 | 4.6 MEDIUM | N/A |
| Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a core dump and possibly execute code. | |||||
| CVE-2007-1655 | 1 Tinymux | 1 Tinymux | 2013-07-23 | 10.0 HIGH | N/A |
| Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX before 20070126 might allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors related to lists of numbers. | |||||
| CVE-2003-0616 | 1 Mcafee | 1 Epolicy Orchestrator | 2013-07-23 | 7.5 HIGH | N/A |
| Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution. | |||||
| CVE-1999-0447 | 1 Hp | 1 Mpe Ix | 2013-07-23 | 4.6 MEDIUM | N/A |
| Local users can gain privileges using the debug utility in the MPE/iX operating system. | |||||
| CVE-1999-0309 | 1 Hp | 1 Hp-ux | 2013-07-21 | 7.2 HIGH | N/A |
| HP-UX vgdisplay program gives root access to local users. | |||||
| CVE-2005-3250 | 1 Sun | 1 Solaris | 2013-07-20 | 2.1 LOW | N/A |
| Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors related to the "/proc" filesystem, which trigger a null dereference. | |||||
| CVE-2005-4482 | 1 Iatek | 1 Portalapp | 2013-07-18 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page parameter. | |||||
| CVE-2005-4493 | 1 Speartek | 1 Speartek | 2013-07-17 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | |||||
| CVE-2005-1436 | 1 Osticket | 1 Osticket | 2013-07-14 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arbitrary web script or HTML via (1) the t parameter to view.php, (2) the osticket_title parameter to header.php, (3) the em parameter to admin_login.php, (4) the e parameter to user_login.php, (5) the err parameter to open_submit.php, or (6) the name and subject fields when adding a ticket. | |||||
| CVE-2007-0982 | 1 Taskfreak | 1 Taskfreak | 2013-07-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in error.php in TaskFreak! 0.5.5 allows remote attackers to inject arbitrary web script or HTML via the tznMessage parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2013-0235 | 1 Wordpress | 1 Wordpress | 2013-07-08 | 6.4 MEDIUM | N/A |
| The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send HTTP requests to intranet servers, and conduct port-scanning attacks, by specifying a crafted source URL for a pingback, related to a Server-Side Request Forgery (SSRF) issue. | |||||
| CVE-2005-3316 | 1 Symantec | 2 Discovery, On Command Discovery | 2013-07-07 | 7.5 HIGH | N/A |
| The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow attackers to gain privileges or prevent Discovery from running by setting another password. | |||||
| CVE-2007-0747 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2013-07-03 | 7.2 HIGH | N/A |
| load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mounting a WebDAV filesystem, which allows local users to gain privileges by setting unspecified environment variables. | |||||
| CVE-2005-3852 | 1 Onlinetechtools.com | 1 Owos Lite | 2013-07-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0 allows remote attackers to execute arbitrary SQL commands via the keyword parameter. | |||||
| CVE-2012-4944 | 1 Agilefleet | 2 Fleetcommander, Fleetcommander Kiosk | 2013-06-26 | 10.0 HIGH | N/A |
| Multiple unrestricted file upload vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary code by uploading a file via an unspecified page. | |||||
| CVE-2012-2982 | 1 Gentoo | 1 Webmin | 2013-05-30 | 6.5 MEDIUM | N/A |
| file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character. | |||||
| CVE-2010-2443 | 1 Libtiff | 1 Libtiff | 2013-05-15 | 5.0 MEDIUM | N/A |
| The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an OJPEG image with undefined strip offsets, related to the TIFFVGetField function. | |||||
| CVE-2013-1220 | 1 Cisco | 1 Unified Customer Voice Portal | 2013-05-09 | 7.8 HIGH | N/A |
| The CallServer component in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to cause a denial of service (call-acceptance outage) via malformed SIP INVITE messages, aka Bug ID CSCua65148. | |||||