Total
29162 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-0707 | 1 Google | 1 Android | 2024-09-17 | N/A |
A elevation of privilege vulnerability in the HTC led driver. Product: Android. Versions: Android kernel. Android ID: A-36088467. | ||||
CVE-2021-23128 | 1 Joomla | 1 Joomla\! | 2024-09-17 | 9.1 Critical |
An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used an potential insecure implemetation. That has now been replaced with a call to 'random_bytes()' and its backport that is shipped within random_compat. | ||||
CVE-2018-18363 | 1 Symantec | 1 Norton App Lock | 2024-09-17 | N/A |
Norton App Lock prior to 1.4.0.445 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access. | ||||
CVE-2009-0721 | 1 Hp | 1 Remote Graphics Software | 2024-09-17 | N/A |
Unspecified vulnerability in Easy Login in the Sender module in HP Remote Graphics Software (RGS) 4.0.0 through 5.2.4 allows remote attackers to execute arbitrary code via unknown vectors. | ||||
CVE-2013-5761 | 1 Oracle | 1 Siebel Crm | 2024-09-17 | N/A |
Unspecified vulnerability in the Siebel Core - Server BizLogic Script component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Integration - Scripting. | ||||
CVE-2018-17018 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-09-17 | N/A |
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for time_switch name. | ||||
CVE-2018-1452 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2024-09-17 | N/A |
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140047. | ||||
CVE-2013-2552 | 1 Microsoft | 2 Internet Explorer, Windows 8 | 2024-09-17 | N/A |
Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows 8 allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a Medium integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013. | ||||
CVE-2013-2935 | 1 Citrix | 1 Cloudportal Services Manager | 2024-09-17 | N/A |
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | ||||
CVE-2019-0065 | 1 Juniper | 18 Junos, Mx10, Mx10003 and 15 more | 2024-09-17 | 5.3 Medium |
On MX Series, when the SIP ALG is enabled, receipt of a certain malformed SIP packet may crash the MS-PIC component on MS-MIC or MS-MPC. By continuously sending a crafted SIP packet, an attacker can repeatedly bring down MS-PIC on MS-MIC/MS-MPC causing a sustained Denial of Service. This issue affects Juniper Networks Junos OS on MX Series: 16.1 versions prior to 16.1R7-S5; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3-S3; 17.3 versions prior to 17.3R3-S6 ; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S3; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2. | ||||
CVE-2020-4611 | 1 Ibm | 1 Data Risk Manager | 2024-09-17 | 8.8 High |
IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to bypass security and execute actions reserved for admins. IBM X-Force ID: 184922. | ||||
CVE-2010-1038 | 1 Hp | 1 Systems Insight Manager | 2024-09-17 | N/A |
Unspecified vulnerability in HP System Insight Manager before 6.0 allows remote authenticated users to gain privileges via unknown vectors. | ||||
CVE-2009-4191 | 1 Sun | 2 Opensolaris, Sunos | 2024-09-17 | N/A |
Unspecified vulnerability in the kernel in Sun Solaris 10 and OpenSolaris 2009.06 on the x86-64 platform allows local users to gain privileges via unknown vectors, as demonstrated by the vd_sol_local module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
CVE-2017-13254 | 1 Google | 1 Android | 2024-09-17 | N/A |
A other vulnerability in the Android media framework (AACExtractor). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70239507. | ||||
CVE-2017-15525 | 1 Symantec | 1 Endpoint Encryption | 2024-09-17 | N/A |
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a denial of service (DoS) attack, which is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network. | ||||
CVE-2019-4036 | 1 Ibm | 1 Security Access Manager | 2024-09-17 | 7.5 High |
IBM Security Access Manager Appliance could allow unauthenticated attacker to cause a denial of service in the reverse proxy component. IBM X-Force ID: 156159. | ||||
CVE-2012-0122 | 1 Hp | 1 Data Protector Express | 2024-09-17 | N/A |
Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1393. | ||||
CVE-2017-8591 | 1 Microsoft | 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more | 2024-09-17 | N/A |
Windows Input Method Editor (IME) in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an remote code execution vulnerability when it fails to properly handle objects in memory, aka "Windows IME Remote Code Execution Vulnerability". | ||||
CVE-2020-4381 | 1 Ibm | 1 Elastic Storage Server | 2024-09-17 | 6.5 Medium |
IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.6 could allow an authenticated user to cause a denial of service during deployment or upgrade if GUI specific services are enabled. IBM X-Force ID: 179162. | ||||
CVE-2018-15372 | 1 Cisco | 1 Ios Xe | 2024-09-17 | N/A |
A vulnerability in the MACsec Key Agreement (MKA) using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic through a Layer 3 interface of an affected device. The vulnerability is due to a logic error in the affected software. An attacker could exploit this vulnerability by connecting to and passing traffic through a Layer 3 interface of an affected device, if the interface is configured for MACsec MKA using EAP-TLS and is running in access-session closed mode. A successful exploit could allow the attacker to bypass 802.1x network access controls and gain access to the network. |