Total
31934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0435 | 1 Suse | 1 Webyast | 2013-01-28 | 5.8 MEDIUM | N/A |
| SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify the hosts list, and subsequently conduct man-in-the-middle attacks, via a crafted /host request on TCP port 4984. | |||||
| CVE-2011-5254 | 2 Connections Project, Wordpress | 2 Connections, Wordpress | 2013-01-23 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Connections plugin before 0.7.1.6 for WordPress has unknown impact and attack vectors. | |||||
| CVE-2012-5429 | 2 Cisco, Microsoft | 2 Vpn Client, Windows | 2013-01-18 | 4.6 MEDIUM | N/A |
| The VPN driver in Cisco VPN Client on Windows does not properly interact with the kernel, which allows local users to cause a denial of service (kernel fault and system crash) via a crafted application, aka Bug ID CSCuc81669. | |||||
| CVE-2012-6336 | 1 Lookout | 1 Lookout | 2013-01-08 | 3.3 LOW | N/A |
| The Missing Device feature in Lookout allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer." | |||||
| CVE-2012-0411 | 1 Novell | 1 Iprint | 2013-01-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arbitrary code via an op-client-interface-version action. | |||||
| CVE-2012-1714 | 1 Oracle | 1 Hyperion Financial Management | 2013-01-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in a TList 6 ActiveX control in Oracle Hyperion Financial Management 11.1.1.4 and 11.1.2.1.104 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2011-5087 | 1 Adastra | 1 Trace Mode Data Center | 2013-01-04 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in AdAstrA TRACE MODE Data Center allows remote attackers to read arbitrary files via unknown vectors, as demonstrated by the GLEG Agora SCADA+ Exploit Pack for Immunity CANVAS. | |||||
| CVE-2006-0218 | 1 Mybb | 1 Mybb | 2013-01-03 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before 1.0.2 have unspecified impact and attack vectors, related to (1) admin/moderate.php, (2) admin/themes.php, (3) inc/functions.php, (4) inc/functions_upload.php, (5) printthread.php, and (6) usercp.php, and probably related to SQL injection. NOTE: it is likely that this issue subsumes CVE-2005-4602 and CVE-2005-4603. However, since the vendor advisory is vague and additional files are mentioned, is is likely that this contains at least one distinct vulnerability from CVE-2005-4602 and CVE-2005-4603. | |||||
| CVE-2008-3981 | 1 Oracle | 1 Secure Backup | 2013-01-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.1.0.1 allows remote attackers to affect confidentiality via unknown vectors. | |||||
| CVE-2012-6335 | 1 Avg | 1 Avg Antivirus | 2012-12-31 | 3.3 LOW | N/A |
| The Anti-theft service in AVG AntiVirus for Android allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer." | |||||
| CVE-2012-0962 | 2 Canonical, Sebastian Heinlein | 2 Ubuntu Linux, Aptdaemon | 2012-12-27 | 4.3 MEDIUM | N/A |
| Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack. | |||||
| CVE-2010-3054 | 1 Freetype | 1 Freetype | 2012-12-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character (aka seac) calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode.c. | |||||
| CVE-2012-6065 | 2 Daniel Honrade, Drupal | 2 Om Maximenu, Drupal | 2012-12-04 | 4.6 MEDIUM | N/A |
| The OM Maximenu module 6.x-1.43 and earlier for Drupal, when the "Title has PHP" option is enabled, allows remote authenticated users with the "Administer OM Maximenu" permission to execute arbitrary PHP code via a "Link Title," a different vulnerability than CVE-2012-5553. | |||||
| CVE-2012-5174 | 1 Kyocera | 6 Ah-k3001v, Ah-k3002v, Xw300k and 3 more | 2012-11-30 | 7.8 HIGH | N/A |
| The KYOCERA AH-K3001V, AH-K3002V, WX300K, WX310K, WX320K, and WX320KR devices allow remote attackers to cause a denial of service (persistent reboot) via an e-mail message in an invalid format. | |||||
| CVE-2011-3506 | 1 Oracle | 1 Sun Products Suite | 2012-11-27 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication. | |||||
| CVE-2008-3072 | 1 Simple Machines | 1 Simple Machines Forum | 2012-11-27 | 7.5 HIGH | N/A |
| Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13, when running in PHP before 4.2.0, does not properly seed the random number generator, which has unknown impact and attack vectors. | |||||
| CVE-2008-3070 | 1 Mybb | 1 Mybb | 2012-11-27 | 7.5 HIGH | N/A |
| Unspecified vulnerability in inc/datahandler/user.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $user['language'] variable, probably related to SQL injection. | |||||
| CVE-2008-3073 | 1 Simple Machines | 1 Simple Machines Forum | 2012-11-27 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13 has unknown impact and attack vectors, probably cross-site scripting (XSS), related to "use of the html-tag." | |||||
| CVE-2008-3071 | 1 Mybb | 1 Mybb | 2012-11-27 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in inc/class_language.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $language variable. | |||||
| CVE-2007-6721 | 1 Bouncycastle | 2 Bouncy-castle-crypto-package, Legion-of-the-bouncy-castle-java-crytography-api | 2012-11-16 | 10.0 HIGH | N/A |
| The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes." | |||||