Total
29085 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-17011 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-09-17 | N/A |
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for hosts_info para sun. | ||||
CVE-2018-3671 | 1 Intel | 1 Saffron Memorybase | 2024-09-17 | N/A |
Escalation of privilege in Intel Saffron admin application before 11.4 allows an authenticated user to access unauthorized information. | ||||
CVE-2011-0796 | 1 Oracle | 1 E-business Suite | 2024-09-17 | N/A |
Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows local users to affect confidentiality via unknown vectors. | ||||
CVE-2017-7344 | 1 Fortinet | 1 Forticlient | 2024-09-17 | N/A |
A privilege escalation in Fortinet FortiClient Windows 5.4.3 and earlier as well as 5.6.0 allows attacker to gain privilege via exploiting the Windows "security alert" dialog thereby popping up when the "VPN before logon" feature is enabled and an untrusted certificate chain. | ||||
CVE-2021-26337 | 1 Amd | 224 Epyc 7002, Epyc 7002 Firmware, Epyc 7003 and 221 more | 2024-09-17 | 5.5 Medium |
Insufficient DRAM address validation in System Management Unit (SMU) may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests. | ||||
CVE-2022-36793 | 1 Wp-shop | 1 Wp Shop | 2024-09-17 | 6.5 Medium |
Unauthenticated Plugin Settings Change & Data Deletion vulnerabilities in WP Shop plugin <= 3.9.6 at WordPress. | ||||
CVE-2010-3398 | 1 Ibm | 1 Lotus Sametime | 2024-09-17 | N/A |
Unspecified vulnerability in the webcontainer implementation in IBM Lotus Sametime Connect 8.5.1 before CF1 has unknown impact and attack vectors, aka SPRs LXUU87S57H and LXUU87S93W. | ||||
CVE-2017-2741 | 1 Hp | 76 D3q15a, D3q15a Firmware, D3q15b and 73 more | 2024-09-17 | N/A |
A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet Pro Printers, with firmware before 1708D. This vulnerability could potentially be exploited to execute arbitrary code. | ||||
CVE-2017-6423 | 1 Google | 1 Android | 2024-09-17 | N/A |
An elevation of privilege vulnerability in the Qualcomm kyro L2 driver. Product: Android. Versions: Android kernel. Android ID: A-32831370. References: QC-CR#1103158. | ||||
CVE-2008-7285 | 1 Ibm | 2 Lotus Domino, Lotus Quickr | 2024-09-17 | N/A |
Unspecified vulnerability in the docnote string handling implementation in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, aka SPR JFLD7GZT25. | ||||
CVE-2018-1383 | 1 Ibm | 1 Aix | 2024-09-17 | N/A |
A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and 7.2 daemon which could allow a user with root privileges on one system, to obtain root access on another machine. IBM X-force ID: 138117. | ||||
CVE-2021-31371 | 1 Juniper | 6 Junos, Qfx5100, Qfx5110 and 3 more | 2024-09-17 | 5.3 Medium |
Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an QFX5000 Series switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet, leading to an information exposure vulnerability. This issue affects Juniper Networks Junos OS on QFX5110, QFX5120, QFX5200, QFX5210 Series, and QFX5100 with QFX 5e Series image installed: All versions prior to 17.3R3-S12; 18.1 versions prior to 18.1R3-S13; 18.3 versions prior to 18.3R3-S5; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2; | ||||
CVE-2012-4598 | 1 Mcafee | 2 Epo Mcafee Virtual Technician, Mcafee Virtual Technician | 2024-09-17 | N/A |
An unspecified ActiveX control in McAfee Virtual Technician (MVT) before 6.4, and ePO-MVT, allows remote attackers to execute arbitrary code or cause a denial of service (Internet Explorer crash) via a crafted web site. | ||||
CVE-2018-1193 | 1 Cloudfoundry | 2 Cf-deployment, Routing-release | 2024-09-17 | N/A |
Cloud Foundry routing-release, versions prior to 0.175.0, lacks sanitization for user-provided X-Forwarded-Proto headers. A remote user can set the X-Forwarded-Proto header in a request to potentially bypass an application requirement to only respond over secure connections. | ||||
CVE-2013-0960 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2024-09-17 | N/A |
WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0961. | ||||
CVE-2017-0681 | 1 Google | 1 Android | 2024-09-17 | N/A |
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37208566. | ||||
CVE-2015-9217 | 1 Qualcomm | 48 Msm8909w, Msm8909w Firmware, Sd 205 and 45 more | 2024-09-17 | N/A |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, certain malformed HVEC clips could cause an assertion to fail. | ||||
CVE-2021-23388 | 1 Forms Project | 1 Forms | 2024-09-17 | 5.3 Medium |
The package forms before 1.2.1, from 1.3.0 and before 1.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via email validation. | ||||
CVE-2017-5787 | 1 Hp | 1 Version Control Repository Manager | 2024-09-17 | N/A |
A remote denial of service vulnerability in HPE Version Control Repository Manager (VCRM) in all versions prior to 7.6 was found. | ||||
CVE-2018-11449 | 1 Siemens | 2 Scalance M875, Scalance M875 Firmware | 2024-09-17 | N/A |
A vulnerability has been identified in SCALANCE M875 (All versions). An attacker with access to the local file system might obtain passwords for administrative users. Successful exploitation requires read access to files on the local file system. A successful attack could allow an attacker to obtain administrative passwords. At the time of advisory publication no public exploitation of this security vulnerability was known. |