Total 263121 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-1000417 1 Matrixssl 1 Matrixssl 2024-09-17 N/A
MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates.
CVE-2019-4098 1 Ibm 1 Cloud Pak System 2024-09-17 5.4 Medium
IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158020.
CVE-2020-4516 1 Ibm 2 Business Automation Workflow, Business Process Manager 2024-09-17 5.4 Medium
IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182371.
CVE-2016-10386 1 Google 1 Android 2024-09-17 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP.
CVE-2016-10610 1 Unicode 1 Unicode-json 2024-09-17 N/A
unicode-json is a unicode lookup table. unicode-json before 2.0.0 downloads data resources over HTTP, which leaves it vulnerable to MITM attacks.
CVE-2010-2707 1 Hp 5 Procurve Switch 2626, Procurve Switch 2626-pwr, Procurve Switch 2650 and 2 more 2024-09-17 N/A
Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors.
CVE-2017-5822 1 Hp 1 Intelligent Management Center 2024-09-17 N/A
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
CVE-2014-9302 1 Alfresco 1 Community Edition 2024-09-17 N/A
Server-side request forgery (SSRF) vulnerability in the cmisbrowser servlet in Content Management Interoperability Service (CMIS) in Alfresco Community Edition 5.0.a and earlier allows remote attackers to trigger outbound requests via a crafted URI in the url parameter.
CVE-2020-27350 3 Canonical, Debian, Netapp 5 Ubuntu Linux, Advanced Package Tool, Debian Linux and 2 more 2024-09-17 5.7 Medium
APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0 versions prior to 1.6.12ubuntu0.2; 2.0.2ubuntu0 versions prior to 2.0.2ubuntu0.2; 2.1.10ubuntu0 versions prior to 2.1.10ubuntu0.1;
CVE-2017-11932 1 Microsoft 1 Exchange Server 2024-09-17 N/A
Microsoft Exchange Server 2016 CU5 and Microsoft Exchange Server 2016 CU5 allow a spoofing vulnerability due to the way Outlook Web Access (OWA) validates web requests, aka "Microsoft Exchange Spoofing Vulnerability".
CVE-2017-1711 1 Ibm 2 Client Application Access, Notes 2024-09-17 N/A
IBM iNotes 8.5 and 9.0 SUService can be misguided into running malicious code from a DLL masquerading as a windows DLL in the temp directory. IBM X-Force ID: 134532.
CVE-2021-36805 1 Akaunting 1 Akaunting 2024-09-17 5.2 Medium
Akaunting version 2.1.12 and earlier suffers from a persistent (type II) cross-site scripting (XSS) vulnerability in the sales invoice processing component of the application. This issue was fixed in version 2.1.13 of the product.
CVE-2013-4999 1 Phpmyadmin 1 Phpmyadmin 2024-09-17 N/A
phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to Error.class.php and Error_Handler.class.php.
CVE-2020-3512 1 Cisco 132 Catalyst 3650-12x48uq, Catalyst 3650-12x48ur, Catalyst 3650-12x48uz and 129 more 2024-09-17 7.4 High
A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.
CVE-2009-3184 1 Grapari 1 E-gold Game Series Pirates Of The Caribbean 2024-09-17 N/A
Multiple SQL injection vulnerabilities in index.php in Pirates of The Caribbean in the E-Gold Game Series allow remote attackers to execute arbitrary SQL commands via the (1) x and (2) y parameters.
CVE-2022-36383 1 Webhelpagency 1 Wha Wordsearch 2024-09-17 5.4 Medium
Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in WHA Word Search Puzzles game plugin <= 2.0.1 at WordPress.
CVE-2022-22513 1 Codesys 20 Control For Beaglebone Sl, Control For Beckhoff Cx9020, Control For Empc-a\/imx6 Sl and 17 more 2024-09-17 6.5 Medium
An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash.
CVE-2019-5624 1 Rapid7 1 Metasploit 2024-09-17 7.3 High
Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level of the user running Metasploit. This issue affects: Rapid7 Metasploit Framework version 4.14.0 and prior versions.
CVE-2018-8041 2 Apache, Redhat 2 Camel, Jboss Fuse 2024-09-17 N/A
Apache Camel's Mail 2.20.0 through 2.20.3, 2.21.0 through 2.21.1 and 2.22.0 is vulnerable to path traversal.
CVE-2017-8981 1 Hp 1 Intelligent Management Center 2024-09-17 N/A
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506 was found.