Total: 263121 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-1000417 | 1 Matrixssl | 1 Matrixssl | 2024-09-17 | N/A |
MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates. | ||||
CVE-2019-4098 | 1 Ibm | 1 Cloud Pak System | 2024-09-17 | 5.4 Medium |
IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158020. | ||||
CVE-2020-4516 | 1 Ibm | 2 Business Automation Workflow, Business Process Manager | 2024-09-17 | 5.4 Medium |
IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182371. | ||||
CVE-2016-10386 | 1 Google | 1 Android | 2024-09-17 | N/A |
In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP. | ||||
CVE-2016-10610 | 1 Unicode | 1 Unicode-json | 2024-09-17 | N/A |
unicode-json is a unicode lookup table. unicode-json before 2.0.0 downloads data resources over HTTP, which leaves it vulnerable to MITM attacks. | ||||
CVE-2010-2707 | 1 Hp | 5 Procurve Switch 2626, Procurve Switch 2626-pwr, Procurve Switch 2650 and 2 more | 2024-09-17 | N/A |
Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors. | ||||
CVE-2017-5822 | 1 Hp | 1 Intelligent Management Center | 2024-09-17 | N/A |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found. | ||||
CVE-2014-9302 | 1 Alfresco | 1 Community Edition | 2024-09-17 | N/A |
Server-side request forgery (SSRF) vulnerability in the cmisbrowser servlet in Content Management Interoperability Service (CMIS) in Alfresco Community Edition 5.0.a and earlier allows remote attackers to trigger outbound requests via a crafted URI in the url parameter. | ||||
CVE-2020-27350 | 3 Canonical, Debian, Netapp | 5 Ubuntu Linux, Advanced Package Tool, Debian Linux and 2 more | 2024-09-17 | 5.7 Medium |
APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0 versions prior to 1.6.12ubuntu0.2; 2.0.2ubuntu0 versions prior to 2.0.2ubuntu0.2; 2.1.10ubuntu0 versions prior to 2.1.10ubuntu0.1; | ||||
CVE-2017-11932 | 1 Microsoft | 1 Exchange Server | 2024-09-17 | N/A |
Microsoft Exchange Server 2016 CU5 and Microsoft Exchange Server 2016 CU5 allow a spoofing vulnerability due to the way Outlook Web Access (OWA) validates web requests, aka "Microsoft Exchange Spoofing Vulnerability". | ||||
CVE-2017-1711 | 1 Ibm | 2 Client Application Access, Notes | 2024-09-17 | N/A |
IBM iNotes 8.5 and 9.0 SUService can be misguided into running malicious code from a DLL masquerading as a Windows DLL in the temp directory. IBM X-Force ID: 134532. | ||||
CVE-2021-36805 | 1 Akaunting | 1 Akaunting | 2024-09-17 | 5.2 Medium |
Akaunting version 2.1.12 and earlier suffers from a persistent (type II) cross-site scripting (XSS) vulnerability in the sales invoice processing component of the application. This issue was fixed in version 2.1.13 of the product. | ||||
CVE-2013-4999 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-09-17 | N/A |
phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to Error.class.php and Error_Handler.class.php. | ||||
CVE-2020-3512 | 1 Cisco | 132 Catalyst 3650-12x48uq, Catalyst 3650-12x48ur, Catalyst 3650-12x48uz and 129 more | 2024-09-17 | 7.4 High |
A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload. | ||||
CVE-2009-3184 | 1 Grapari | 1 E-gold Game Series Pirates Of The Caribbean | 2024-09-17 | N/A |
Multiple SQL injection vulnerabilities in index.php in Pirates of The Caribbean in the E-Gold Game Series allow remote attackers to execute arbitrary SQL commands via the (1) x and (2) y parameters. | ||||
CVE-2022-36383 | 1 Webhelpagency | 1 Wha Wordsearch | 2024-09-17 | 5.4 Medium |
Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in WHA Word Search Puzzles game plugin <= 2.0.1 at WordPress. | ||||
CVE-2022-22513 | 1 Codesys | 20 Control For Beaglebone Sl, Control For Beckhoff Cx9020, Control For Empc-a/imx6 Sl and 17 more | 2024-09-17 | 6.5 Medium |
An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash. | ||||
CVE-2019-5624 | 1 Rapid7 | 1 Metasploit | 2024-09-17 | 7.3 High |
Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level of the user running Metasploit. This issue affects: Rapid7 Metasploit Framework version 4.14.0 and prior versions. | ||||
CVE-2018-8041 | 2 Apache, Redhat | 2 Camel, Jboss Fuse | 2024-09-17 | N/A |
Apache Camel's Mail 2.20.0 through 2.20.3, 2.21.0 through 2.21.1 and 2.22.0 is vulnerable to path traversal. | ||||
CVE-2017-8981 | 1 Hp | 1 Intelligent Management Center | 2024-09-17 | N/A |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506 was found. |