Total
28533 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-1646 | 1 Juniper | 2 Junos, Junos Os Evolved | 2024-09-17 | 7.5 High |
| On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific UPDATE for an EBGP peer can lead to a routing process daemon (RPD) crash and restart. This issue occurs only when the device is receiving and processing the BGP UPDATE for an EBGP peer. This issue does not occur when the device is receiving and processing the BGP UPDATE for an IBGP peer. However, the offending BGP UPDATE can originally come from an EBGP peer, propagates through the network via IBGP peers without causing crash, then it causes RPD crash when it is processed for a BGP UPDATE towards an EBGP peer. Repeated receipt and processing of the same specific BGP UPDATE can result in an extended Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 17.3R3-S6, 17.4R2-S7, and 18.1R3-S7. Juniper Networks Junos OS Evolved 19.2R2-EVO and later versions, prior to 19.3R1-EVO. Other Junos OS releases are not affected. | ||||
| CVE-2018-15780 | 1 Rsa | 1 Archer Grc Platform | 2024-09-17 | N/A |
| RSA Archer versions prior to 6.5.0.1 contain an improper access control vulnerability. A remote malicious user could potentially exploit this vulnerability to bypass authorization checks and gain read access to restricted user information. | ||||
| CVE-2020-36603 | 1 Hoyoverse | 1 Mhyprot2 | 2024-09-17 | 6.5 Medium |
| The HoYoVerse (formerly miHoYo) Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM privileges on Microsoft Windows systems. The mhyprot2.sys driver must first be installed by a user with administrative privileges. | ||||
| CVE-2018-5524 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2024-09-17 | N/A |
| Under certain conditions, on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.6.1 HF2-11.6.3.1, virtual servers configured with Client SSL or Server SSL profiles which make use of network hardware security module (HSM) functionality are exposed and impacted by this issue. | ||||
| CVE-2019-11211 | 1 Tibco | 2 Enterprise Runtime For R, Spotfire Analytics Platform For Aws | 2024-09-17 | 9.9 Critical |
| The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platform for AWS Marketplace contains a vulnerability that theoretically allows an authenticated user to trigger remote code execution in certain circumstances. When the affected component runs with the containerized TERR service on Linux the host can theoretically be tricked into running malicious code. This issue affects: TIBCO Enterprise Runtime for R - Server Edition version 1.2.0 and below, and TIBCO Spotfire Analytics Platform for AWS Marketplace 10.4.0; 10.5.0. | ||||
| CVE-2019-4352 | 1 Ibm | 1 Maximo Anywhere | 2024-09-17 | 2.4 Low |
| IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. IBM X-Force ID: 161494. | ||||
| CVE-2017-8949 | 1 Hp | 1 Sitescope | 2024-09-17 | N/A |
| A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found. | ||||
| CVE-2022-45069 | 1 Automattic | 1 Crowdsignal Dashboard | 2024-09-17 | 6.3 Medium |
| Auth. (contributor+) Privilege Escalation vulnerability in Crowdsignal Dashboard plugin <= 3.0.9 on WordPress. | ||||
| CVE-2010-0325 | 2 Sebastian Baumann, Typo3 | 2 Sb Folderdownload, Typo3 | 2024-09-17 | N/A |
| Unspecified vulnerability in the SB Folderdownload (sb_folderdownload) extension 0.2.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. | ||||
| CVE-2017-6155 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Application Acceleration Manager and 8 more | 2024-09-17 | N/A |
| On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM. Data plane is only exposed when a SPDY or HTTP/2 profile is attached to a virtual server. There is no control plane exposure. | ||||
| CVE-2021-39016 | 3 Ibm, Linux, Microsoft | 3 Engineering Lifecycle Optimization Publishing, Linux Kernel, Windows | 2024-09-17 | 4.3 Medium |
| IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should be allowed for that actor. IBM X-Force ID: 213722. | ||||
| CVE-2011-3565 | 1 Oracle | 1 Communications Unified | 2024-09-17 | N/A |
| Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Calendar Server. | ||||
| CVE-2013-3579 | 1 Lookout | 1 Lookout Security \& Antivirus | 2024-09-17 | N/A |
| The Lookout Mobile Security application before 8.17-8a39d3f for Android allows attackers to cause a denial of service (application crash) via a crafted application that sends an intent to com.lookout.security.ScanTell with zero arguments. | ||||
| CVE-2021-38392 | 1 Bostonscientific | 2 Zoom Latitude Pogrammer\/recorder\/monitor 3120, Zoom Latitude Pogrammer\/recorder\/monitor 3120 Firmware | 2024-09-17 | 6.5 Medium |
| A skilled attacker with physical access to the affected device can gain access to the hard disk drive of the device to change the telemetry region and could use this setting to interrogate or program an implantable device in any region in the world. | ||||
| CVE-2016-6796 | 6 Apache, Canonical, Debian and 3 more | 16 Tomcat, Ubuntu Linux, Debian Linux and 13 more | 2024-09-17 | 7.5 High |
| A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. | ||||
| CVE-2019-4031 | 1 Ibm | 1 Tivoli Workload Scheduler | 2024-09-17 | 7.8 High |
| IBM Workload Scheduler Distributed 9.2, 9.3, 9.4, and 9.5 contains a vulnerability that could allow a local user to write files as root in the file system, which could allow the attacker to gain root privileges. IBM X-Force ID: 155997. | ||||
| CVE-2006-0751 | 1 Noofs Team | 1 Network Object Oriented File System | 2024-09-17 | N/A |
| Multiple unspecified vulnerabilities in the (1) Filesystem in USErspace (FUSE) client and (2) NOOFS daemon in in Network Object Oriented File System (NOOFS) before 0.9.0 have unspecified impact and attack vectors. | ||||
| CVE-2011-3569 | 1 Oracle | 1 Fusion Middleware | 2024-09-17 | N/A |
| Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect confidentiality via unknown vectors related to Web Services Security. | ||||
| CVE-2018-1448 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2024-09-17 | N/A |
| IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140043. | ||||
| CVE-2013-3401 | 1 Cisco | 1 Telepresence Tc Software | 2024-09-17 | N/A |
| The SIP implementation in Cisco TelePresence TC Software allows remote attackers to trigger unintended use of NOTIFY messages via unspecified vectors, aka Bug ID CSCud96080. | ||||