Search Results (362599 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-0056 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2025-04-11 N/A
The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper.
CVE-2012-0057 2 Php, Redhat 2 Php, Enterprise Linux 2025-04-11 N/A
PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension.
CVE-2012-0058 1 Linux 1 Linux Kernel 2025-04-11 5.5 Medium
The kiocb_batch_free function in fs/aio.c in the Linux kernel before 3.2.2 allows local users to cause a denial of service (OOPS) via vectors that trigger incorrect iocb management.
CVE-2013-5931 1 Real-estate-php-script 1 Real Estate Php Script 2025-04-11 N/A
SQL injection vulnerability in property_listings_detail.php in Real Estate PHP Script allows remote attackers to execute arbitrary SQL commands via the listingid parameter.
CVE-2012-0061 2 Redhat, Rpm 5 Enterprise Linux, Rhel Els, Rhel Eus and 2 more 2025-04-11 N/A
The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large region size in a package header.
CVE-2012-0066 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-11 N/A
Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a (1) Accellent 5Views (aka .5vw) file, (2) I4B trace file, or (3) NETMON 2 capture file.
CVE-2013-5934 1 Open-xchange 1 Open-xchange Appsuite 2025-04-11 N/A
Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 has a hardcoded password for node join operations, which allows remote attackers to expand a cluster by finding this password in the source code and then sending the password in a Hazelcast cluster API call, a different vulnerability than CVE-2013-5200.
CVE-2012-0069 1 Batavi 1 Batavi 2025-04-11 N/A
SQL injection vulnerability in ajax.php in Batavi before 1.2.1 allows remote attackers to execute arbitrary SQL commands via the boxToReload parameter.
CVE-2012-0074 1 Oracle 1 Peoplesoft Products 2025-04-11 N/A
Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to affect integrity via unknown vectors related to Sales.
CVE-2012-0076 1 Oracle 1 Peoplesoft Products 2025-04-11 N/A
Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to ePerformance.
CVE-2012-0077 1 Oracle 1 Fusion Middleware 2025-04-11 N/A
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4, 10.0.2, 10.3.3, 10.3.4, and 10.3.5 allows remote authenticated users to affect integrity, related to WLS-Console.
CVE-2013-5937 2 Click2sell, Drupal 2 Click2sell Suite Module, Drupal 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in the Click2Sell Suite module 6.x-1.x for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete database information via vectors involving the Drupal Form API.
CVE-2012-0080 1 Oracle 1 Peoplesoft Products 2025-04-11 N/A
Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Talent Acquisition Management.
CVE-2012-0082 1 Oracle 1 Database Server 2025-04-11 N/A
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity and availability via unknown vectors.
CVE-2013-5938 2 Click2sell, Drupal 2 Click2sell Suite Module, Drupal 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Click2Sell Suite module 6.x-1.x for Drupal allows remote attackers to inject arbitrary web script or HTML via a confirmation form.
CVE-2012-0084 1 Oracle 1 Fusion Middleware 2025-04-11 N/A
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5.2, 10.1.3.5.1, 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote authenticated users to affect integrity via unknown vectors related to Content Server.
CVE-2013-5959 1 Bluecoat 2 Proxysg, Proxysgos 2025-04-11 N/A
Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests.
CVE-2012-0086 1 Oracle 1 Fusion Middleware 2025-04-11 N/A
Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Middleware 10.1.3.6.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Web, a different vulnerability than CVE-2012-0095 and CVE-2012-0108.
CVE-2012-0087 3 Mysql, Oracle, Redhat 3 Mysql, Mysql, Enterprise Linux 2025-04-11 N/A
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.
CVE-2012-0094 1 Sun 1 Sunos 2025-04-11 N/A
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows remote attackers to affect availability, related to TCP/IP.