Total
29075 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-14191 | 1 Atlassian | 2 Crucible, Fisheye | 2024-09-17 | 7.5 High |
Affected versions of Atlassian Fisheye/Crucible allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the MessageBundleResource within Atlassian Gadgets. The affected versions are before version 4.8.4. | ||||
CVE-2018-1389 | 1 Ibm | 1 Api Connect | 2024-09-17 | N/A |
IBM API Connect 5.0.0.0 through 5.0.8.2 is impacted by generated LoopBack APIs for a Model using the BelongsTo/HasMany relationship allowing unauthorized modification of information. IBM X-Force ID: 138213. | ||||
CVE-2010-3903 | 1 Infradead | 1 Openconnect | 2024-09-17 | N/A |
Unspecified vulnerability in OpenConnect before 2.23 allows remote AnyConnect SSL VPN servers to cause a denial of service (application crash) via a 404 HTTP status code. | ||||
CVE-2010-0508 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-09-17 | N/A |
Mail in Apple Mac OS X before 10.6.3 does not disable the filter rules associated with a deleted mail account, which has unspecified impact and attack vectors. | ||||
CVE-2020-12773 | 1 Realtek | 1 Adsl Router Soc Firmware | 2024-09-17 | 9.6 Critical |
A security misconfiguration vulnerability exists in the SDK of some Realtek ADSL/PON Modem SoC firmware, which allows attackers using a default password to execute arbitrary commands remotely via the build-in network monitoring tool. | ||||
CVE-2010-3687 | 2 Alex Kellner, Typo3 | 2 Powermail, Typo3 | 2024-09-17 | N/A |
Unspecified vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attackers to bypass validation have an unspecified impact by "[injecting] arbitrary values into validated fields," as demonstrated using the (1) Email and (2) URL fields. | ||||
CVE-2020-3259 | 1 Cisco | 2 Adaptive Security Appliance Software, Firepower Threat Defense | 2024-09-17 | 7.5 High |
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential information. The vulnerability is due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. An attacker could exploit this vulnerability by sending a crafted GET request to the web services interface. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section. | ||||
CVE-2013-1149 | 1 Cisco | 5 5500 Series Adaptive Security Appliance, 6500 Series Adaptive Security Appliance, 7600 Series Adaptive Security Appliance and 2 more | 2024-09-17 | N/A |
Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.28), 8.1 and 8.2 before 8.2(5.35), 8.3 before 8.3(2.34), 8.4 before 8.4(4.11), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3), and Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(24.1) and 4.0 and 4.1 before 4.1(11.1), allow remote attackers to cause a denial of service (device reload) via a crafted IKEv1 message, aka Bug IDs CSCub85692 and CSCud20267. | ||||
CVE-2021-46771 | 1 Amd | 46 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 43 more | 2024-09-17 | 7.8 High |
Insufficient validation of addresses in AMD Secure Processor (ASP) firmware system call may potentially lead to arbitrary code execution by a compromised user application. | ||||
CVE-2021-39056 | 1 Ibm | 1 I | 2024-09-17 | 6.5 Medium |
The IBM i 7.1, 7.2, 7.3, and 7.4 Extended Dynamic Remote SQL server (EDRSQL) could allow a remote authenticated user to send a specially crafted request and cause a denial of service. IBM X-Force ID: 214537. | ||||
CVE-2021-29856 | 1 Ibm | 1 Tivoli Netcool\/omnibus Webgui | 2024-09-17 | 6.5 Medium |
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 could allow an authenticated usre to cause a denial of service through the WebGUI Map Creation page. IBM X-Force ID: 205685. | ||||
CVE-2019-4530 | 1 Ibm | 1 Maximo Asset Management | 2024-09-17 | 6.5 Medium |
IBM Maximo Asset Management 7.6, 7.6.1, and 7.6.1.1 could allow an authenticated user to delete a record that they should not normally be able to. IBM X-Force ID: 165586. | ||||
CVE-2011-4253 | 1 Realnetworks | 1 Realplayer | 2024-09-17 | N/A |
Unspecified vulnerability in the RV20 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via unknown vectors. | ||||
CVE-2018-5508 | 1 F5 | 1 Big-ip Policy Enforcement Manager | 2024-09-17 | N/A |
On F5 BIG-IP PEM versions 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.5.1-11.5.5, or 11.2.1, under certain conditions, TMM may crash when processing compressed data though a Virtual Server with an associated PEM profile using the content insertion option. | ||||
CVE-2018-1150 | 1 Nuuo | 2 Nvrmini2, Nvrmini2 Firmware | 2024-09-17 | N/A |
NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists. | ||||
CVE-2018-9501 | 1 Google | 1 Android | 2024-09-17 | N/A |
In the SetupWizard, there is a possible Factory Reset Protection bypass due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-110034419 | ||||
CVE-2018-19012 | 1 Draeger | 8 Delta Xl, Delta Xl Firmware, Infinity Delta and 5 more | 2024-09-17 | N/A |
Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. Via a specific dialog it is possible to break out of the kiosk mode and reach the underlying operating system. By breaking out of the kiosk mode, an attacker is able to take control of the operating system. | ||||
CVE-2018-6300 | 1 Hanwha-security | 4 Snh-v6410pn, Snh-v6410pn Firmware, Snh-v6410pnw and 1 more | 2024-09-17 | N/A |
Remote password change in Hanwha Techwin Smartcams | ||||
CVE-2021-26400 | 1 Amd | 1 Cpu | 2024-09-17 | 4.0 Medium |
AMD processors may speculatively re-order load instructions which can result in stale data being observed when multiple processors are operating on shared memory, resulting in potential data leakage. | ||||
CVE-2019-4541 | 1 Ibm | 1 Security Directory Server | 2024-09-17 | 7.2 High |
IBM Security Directory Server 6.4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 165814. |