Search Results (121309 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-2544 1 Cacti 1 Cacti 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter.
CVE-2011-0827 1 Oracle 2 Peoplesoft And Jdedwards Product Suite, Peoplesoft Enterprise 2025-04-11 N/A
Unspecified vulnerability in the PeopleSoft Enterprise component in Oracle PeopleSoft Products 8.50 GA through 8.50.17 and 8.51 GA through 8.51.07 allows remote authenticated users to affect integrity via unknown vectors related to PeopleTools.
CVE-2011-2932 1 Rubyonrails 2 Rails, Ruby On Rails 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a malformed Unicode string, related to a "UTF-8 escaping vulnerability."
CVE-2011-0830 1 Oracle 2 Database Server, Enterprise Manager Grid Control 2025-04-11 N/A
Unspecified vulnerability in the Event Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect integrity via unknown vectors related to Rules Management UI.
CVE-2011-2930 1 Rubyonrails 2 Rails, Ruby On Rails 2025-04-11 N/A
Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a crafted column name.
CVE-2011-1719 1 Broadcom 1 Output Management Web Viewer 2025-04-11 N/A
Multiple stack-based buffer overflows in the Web Viewer ActiveX controls in CA Output Management Web Viewer 11.0 and 11.5 allow remote attackers to execute arbitrary code via (1) a long SRC property value to the PPSViewer ActiveX control in PPSView.ocx before 1.0.0.7 or (2) a long Title property value to the UOMWV_Helper ActiveX control in UOMWV_HelperActiveX.ocx before 11.5.0.1.
CVE-2011-0831 1 Oracle 2 Database Server, Enterprise Manager Grid Control 2025-04-11 N/A
Unspecified vulnerability in the Enterprise Config Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
CVE-2011-0835 1 Oracle 1 Database Server 2025-04-11 N/A
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-0832 and CVE-2011-0880.
CVE-2012-2253 1 Mahara 1 Mahara 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in group/members.php in Mahara 1.5.x before 1.5.7 and 1.6.x before 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
CVE-2011-0836 1 Oracle 6 Enterpriseone Tools, Jd Edwards Enterpriseone, Jd Edwards Enterpriseone Ep and 3 more 2025-04-11 N/A
Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote authenticated users to affect integrity, related to Web Runtime SEC.
CVE-2010-2531 3 Debian, Php, Redhat 3 Debian Linux, Php, Enterprise Linux 2025-04-11 N/A
The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if display_errors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution time, or recursion.
CVE-2011-1710 1 Novell 1 Xtier Framework 2025-04-11 N/A
Multiple integer overflows in the HTTP server in the Novell XTier framework 3.1.8 allow remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via crafted header length variables.
CVE-2011-0837 1 Oracle 1 Supply Chain Products Suite 2025-04-11 N/A
Unspecified vulnerability in the Agile Technology Platform component in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 allows remote attackers to affect confidentiality via unknown vectors related to Security.
CVE-2011-0845 1 Oracle 1 Enterprise Manager Grid Control 2025-04-11 N/A
Unspecified vulnerability in the Database Control component in Oracle Enterprise Manager Grid Control 10.1.0.6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2012-2285 1 Emc 2 Cloud Tiering Appliance, Cloud Tiering Appliance Virtual Edition 2025-04-11 N/A
EMC Cloud Tiering Appliance (aka CTA, formerly FMA) 9.0 and earlier, and Cloud Tiering Appliance Virtual Edition (CTA/VE) 9.0 and earlier, allows remote attackers to obtain GUI administrative access by sending a crafted file during the authentication phase.
CVE-2011-0846 1 Oracle 1 Sun Java System Access Manager Policy Agent 2025-04-11 N/A
Unspecified vulnerability in the Oracle Sun Java System Access Manager Policy Agent 2.2 allows remote attackers to affect availability via unknown vectors related to Web Proxy Agent.
CVE-2011-0848 1 Oracle 2 Database Server, Enterprise Manager Grid Control 2025-04-11 N/A
Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to User Model.
CVE-2012-2289 1 Emc 2 Applicationxtender Desktop, Applicationxtender Web Access .net 2025-04-11 N/A
EMC ApplicationXtender Desktop before 6.5 SP2 and ApplicationXtender Web Access .NET before 6.5 SP2 allow remote attackers to upload files to any location, and possibly execute arbitrary code, via unspecified vectors.
CVE-2010-1553 1 Hp 1 Openview Network Node Manager 2025-04-11 N/A
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter.
CVE-2010-2520 4 Apple, Canonical, Debian and 1 more 4 Mac Os X, Ubuntu Linux, Debian Linux and 1 more 2025-04-11 N/A
Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.