Search Results (121140 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-2979 1 Ibm 2 Infosphere Optim Performance Manager, Optim Performance Manager 2025-04-11 N/A
Directory traversal vulnerability in IBM Optim Performance Manager 4.1.1 and IBM InfoSphere Optim Performance Manager 5.x before 5.2 allows remote authenticated users to read arbitrary files via a crafted URL.
CVE-2011-0895 1 Hp 1 Network Node Manager I 2025-04-11 N/A
Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.0x and 8.1x allows remote authenticated users to obtain sensitive information via unknown vectors.
CVE-2011-0806 2 Microsoft, Oracle 2 Windows, Database Server 2025-04-11 N/A
Unspecified vulnerability in the Network Foundation component in Oracle Database Server 10.1.0.5, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2, when running on Windows, allows remote attackers to affect availability via unknown vectors.
CVE-2011-0804 1 Oracle 1 Database Server 2025-04-11 N/A
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
CVE-2011-0890 2 Hp, Microsoft 2 Discovery\&dependency Mapping Inventory, Windows 2025-04-11 N/A
HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community.
CVE-2011-0797 1 Oracle 1 E-business Suite 2025-04-11 N/A
Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors.
CVE-2013-5779 1 Oracle 1 Peoplesoft Products 2025-04-11 N/A
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote authenticated users to affect confidentiality via vectors related to PIA Core Technology.
CVE-2013-3239 1 Phpmyadmin 1 Phpmyadmin 2025-04-11 N/A
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename.
CVE-2013-3243 2 Opentext, Sap 2 Opentext\/ixos Ecm For Sap Netweaver, Netweaver 2025-04-11 N/A
Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver allows remote attackers to execute arbitrary ABAP code via unknown vectors.
CVE-2013-2123 2 Drupal, Node Access User Reference Project 2 Drupal, Nodeaccess Userreference Module 2025-04-11 N/A
The Node access user reference module 6.x-3.x before 6.x-3.5 and 7.x-3.x before 7.x-3.10 for Drupal does not properly restrict access to content containing a user reference field when the author update/delete grants are enabled and the author's user account is deleted, which allows remote attackers to modify the content via unspecified vectors.
CVE-2013-0872 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
The swr_init function in libswresample/swresample.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid or unsupported (1) input or (2) output channel layout, related to an out-of-bounds array access.
CVE-2013-5197 1 Apple 5 Iphone Os, Itunes, Safari and 2 more 2025-04-11 N/A
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1.
CVE-2010-2388 1 Oracle 1 E-business Suite 2025-04-11 N/A
Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors.
CVE-2009-4748 2 Andrew Charlton, Wordpress 2 My Category Order, Wordpress 2025-04-11 N/A
SQL injection vulnerability in mycategoryorder.php in the My Category Order plugin 2.8 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the parentID parameter in an act_OrderCategories action to wp-admin/post-new.php.
CVE-2009-4753 1 Nas Adapter 1 Nasu2fw41 2025-04-11 N/A
Multiple buffer overflows in the FTP server on the Addonics NAS Adapter NASU2FW41 with loader 1.17 allow remote attackers to cause a denial of service (TCP/IP outage) via long arguments to the (1) XRMD, (2) delete, (3) RNFR, or (4) RNTO command.
CVE-2009-4756 1 Beatport 1 Beatport Player 2025-04-11 N/A
Stack-based buffer overflow in TraktorBeatport.exe 1.0.0.283 in Beatport Player 1.0.0.0 allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file.
CVE-2010-0171 2 Mozilla, Redhat 4 Firefox, Seamonkey, Thunderbird and 1 more 2025-04-11 N/A
Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) attacks, by using the addEventListener and setTimeout functions in conjunction with a wrapped object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2007-3736.
CVE-2010-0576 1 Cisco 3 Ios, Ios Xe, Ios Xr 2025-04-11 N/A
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or process restart) via a crafted LDP packet, aka Bug IDs CSCsz45567 and CSCsj25893.
CVE-2010-1091 1 Phpmysite 1 Phpmysite 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in contact.php in phpMySite allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) city, (3) email, (4) state, and (5) message parameters.
CVE-2010-1092 1 Scriptsfeed 1 Business Directory Software 2025-04-11 N/A
Multiple SQL injection vulnerabilities in login.php in ScriptsFeed Business Directory Software allow remote attackers to execute arbitrary SQL commands via the (1) us and (2) ps parameters.