Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-5215 | 1 Swishzone | 1 Swish Max3 | 2012-09-06 | 6.9 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in SWiSH Max3 3.0 2009.11.30 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) SWiSHmax3res.dll file in the current working directory, as demonstrated by a directory that contains a .swi file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5207 | 1 Celframe | 1 Office 2008 | 2012-09-06 | 6.9 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in CelFrame Office 2008 Standard Edition allow local users to gain privileges via a Trojan horse (1) java_msci.dll or (2) msci_java.dll file in the current working directory, as demonstrated by a directory that contains a .doc, .xls, or .odg file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5223 | 1 Phoenixcpm | 1 Phoenix Project Manager | 2012-09-06 | 6.9 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in Phoenix Project Manager 2.1.0.8 allow local users to gain privileges via a Trojan horse (1) wbtrv32.dll or (2) w3btrv7.dll file in the current working directory, as demonstrated by a directory that contains a .ppx file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-5212 | 1 Adobe | 1 Livecycle Designer Es2 | 2012-09-06 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Adobe LiveCycle Designer ES2 9.0.0.20091029.1.612548 allows local users to gain privileges via a Trojan horse objectassisten_US.dll file in the current working directory, as demonstrated by a directory that contains a .tds file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-5218 | 1 Dupehunter | 1 Dupehunter | 2012-09-06 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Dupehunter 9.0.0.3911 allows local users to gain privileges via a Trojan horse Fwpuclnt.dll file in the current working directory, as demonstrated by a directory that contains a .dhjb file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-4756 | 1 Cyberlink | 1 Labelprint | 2012-09-06 | 6.9 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in CyberLink LabelPrint 2.5.3602 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .lpp file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2012-1605 | 1 Typo3 | 1 Typo3 | 2012-09-05 | 5.0 MEDIUM | N/A |
| The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which allows remote attackers to unserialize arbitrary objects and possibly execute arbitrary code via vectors related to "a missing signature (HMAC) for a request argument." | |||||
| CVE-2012-2966 | 1 Caucho | 1 Resin | 2012-09-04 | 7.5 HIGH | N/A |
| Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors. | |||||
| CVE-2011-4951 | 1 Egroupware | 2 Egroupware, Egroupware Enterprise Line | 2012-09-04 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in phpgwapi/ntlm/index.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the forward parameter. | |||||
| CVE-2012-2967 | 1 Caucho | 1 Resin | 2012-09-04 | 7.5 HIGH | N/A |
| Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == (equals sign equals sign) operator for comparisons, which has unspecified impact and context-dependent attack vectors. | |||||
| CVE-2012-1916 | 1 Atmail | 1 Atmail Open | 2012-08-29 | 7.5 HIGH | N/A |
| @Mail WebMail Client in AtMail Open-Source before 1.05 allows remote attackers to execute arbitrary code via an e-mail attachment with an executable extension, leading to the creation of an executable file under tmp/. | |||||
| CVE-2012-4337 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Windows 7, Windows Xp | 2012-08-24 | 9.3 HIGH | N/A |
| Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references. | |||||
| CVE-2010-5147 | 1 Websense | 2 Websense Web Filter, Websense Web Security | 2012-08-23 | 5.0 MEDIUM | N/A |
| The Remote Filtering component in Websense Web Security and Web Filter before 6.3.3 Hotfix 18 and 7.x before 7.1.1 allows remote attackers to cause a denial of service (daemon exit) via a large volume of traffic. | |||||
| CVE-2012-3381 | 1 Standards Based Linux Instrumentation | 1 Sblim-sfcb | 2012-08-17 | 4.4 MEDIUM | N/A |
| sfcb in sblim-sfcb places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2012-3475 | 1 Ushahidi | 1 Ushahidi Platform | 2012-08-13 | 7.5 HIGH | N/A |
| The installer in the Ushahidi Platform before 2.5 omits certain calls to the exit function, which allows remote attackers to obtain administrative privileges via unspecified vectors. | |||||
| CVE-2012-3015 | 1 Siemens | 2 Simatic Pcs7, Simatic Step 7 | 2012-07-30 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder. | |||||
| CVE-2012-3005 | 1 Invensys | 7 Foxboro Control Software, Infusion Ce\/fe\/scada, Intouch and 4 more | 2012-07-30 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Invensys Wonderware InTouch 2012 and earlier, as used in Wonderware Application Server, Wonderware Information Server, Foxboro Control Software, InFusion CE/FE/SCADA, InBatch, and Wonderware Historian, allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2012-3811 | 1 Avaya | 1 Ip Office Customer Call Reporter | 2012-07-17 | 10.0 HIGH | N/A |
| Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code by uploading an executable file and then accessing it via a direct request. | |||||
| CVE-2011-2485 | 1 Gnome | 1 Gdk-pixbuf | 2012-07-03 | 4.3 MEDIUM | N/A |
| The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (memory consumption) via a crafted GIF image file. | |||||
| CVE-2012-3553 | 1 Digium | 1 Asterisk | 2012-06-26 | 4.0 MEDIUM | N/A |
| chan_skinny.c in the Skinny (aka SCCP) channel driver in Asterisk Open Source 10.x before 10.5.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by sending a Station Key Pad Button message and closing a connection in off-hook mode, a related issue to CVE-2012-2948. | |||||