Search Results (121366 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-5516 1 Cisco 1 Telepresence Multipoint Switch 2025-04-11 N/A
The Media Snapshot implementation on Cisco TelePresence Multipoint Switch (CTMS) devices allows remote authenticated users to cause a denial of service (device reload) by sending many Media Snapshot requests at the time of a meeting termination, aka Bug ID CSCuh44796.
CVE-2012-3009 1 Siemens 1 Comos 2025-04-11 N/A
Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls.
CVE-2012-3139 1 Oracle 1 E-business Suite 2025-04-11 N/A
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity, related to Signon (local and SSO).
CVE-2013-1417 1 Mit 1 Kerberos 5 2025-04-11 N/A
do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service (daemon crash) via a TGS-REQ request that triggers an attempted cross-realm referral for a host-based service principal.
CVE-2011-0943 1 Cisco 1 Ios Xr 2025-04-11 N/A
Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause a denial of service (NetIO process restart or device reload) via a crafted IPv4 packet, aka Bug ID CSCth44147.
CVE-2012-3012 1 Arbiter 2 Power Sentinel, Power Sentinel 1133a Firmware 2025-04-11 N/A
The Arbiter Power Sentinel 1133A device with firmware before 11Jun2012 Rev 421 allows remote attackers to cause a denial of service (Ethernet outage) via unspecified Ethernet traffic that fills a buffer, as demonstrated by a port scan.
CVE-2013-3561 4 Debian, Opensuse, Redhat and 1 more 4 Debian Linux, Opensuse, Enterprise Linux and 1 more 2025-04-11 N/A
Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
CVE-2010-1743 1 Satyadeep 1 Scratcher 2025-04-11 N/A
SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2013-3141 1 Microsoft 1 Internet Explorer 2025-04-11 N/A
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3110.
CVE-2010-1642 1 Samba 1 Samba 2025-04-11 N/A
The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \xff\xff security blob length in a Session Setup AndX request.
CVE-2013-5700 1 Bitcoin 2 Bitcoin-qt, Bitcoin Core 2025-04-11 N/A
The Bloom Filter implementation in bitcoind and Bitcoin-Qt 0.8.x before 0.8.4rc1 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted sequence of messages.
CVE-2011-0935 1 Cisco 1 Ios 2025-04-11 N/A
The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent permanent caching of certain public keys, which allows remote attackers to bypass authentication and have unspecified other impact by leveraging an IKE peer relationship in which a key was previously valid but later revoked, aka Bug ID CSCth82164, a different vulnerability than CVE-2010-4685.
CVE-2013-2811 2 Catapultsoftware, Ge 4 Catapult Dnp3 I\/o Driver, Intelligent Platforms Proficy Dnp3 I\/o Driver, Intelligent Platforms Proficy Hmi\/scada Cimplicity and 1 more 2025-04-11 N/A
The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver before 7.20k, as used in DNPDrv.exe (aka the DNP master station server) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet.
CVE-2011-0986 1 Phpmyadmin 1 Phpmyadmin 2025-04-11 N/A
phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the (1) README, (2) ChangeLog, and (3) LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file.
CVE-2013-1428 1 Tinc-vpn 1 Tinc 2025-04-11 N/A
Stack-based buffer overflow in the receive_tcppacket function in net_packet.c in tinc before 1.0.21 and 1.1 before 1.1pre7 allows remote authenticated peers to cause a denial of service (crash) or possibly execute arbitrary code via a large TCP packet.
CVE-2012-0392 1 Apache 1 Struts 2025-04-11 N/A
The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.
CVE-2010-1617 1 Moodle 1 Moodle 2025-04-11 N/A
user/view.php in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 does not properly check a role, which allows remote authenticated users to obtain the full names of other users via the course profile page.
CVE-2012-3032 1 Siemens 2 Simatic Pcs7, Wincc 2025-04-11 N/A
SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message.
CVE-2011-1124 1 Google 1 Chrome 2025-04-11 N/A
Use-after-free vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to blocked plug-ins.
CVE-2011-1438 1 Google 1 Chrome 2025-04-11 N/A
Google Chrome before 11.0.696.57 allows remote attackers to bypass the Same Origin Policy via vectors involving blobs.