Total
29162 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2011-2638 | 1 Opera | 1 Opera Browser | 2024-09-17 | N/A |
Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by games on zylom.com. | ||||
CVE-2021-28818 | 2 Microsoft, Tibco | 2 Windows, Rendezvous | 2024-09-17 | 8.8 High |
The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), Rendezvous Secure C API, Rendezvous Java API, and Rendezvous .Net API components of TIBCO Software Inc.'s TIBCO Rendezvous and TIBCO Rendezvous Developer Edition contain a vulnerability that theoretically allows a low privileged attacker with local access on the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from the affected component searching for run-time artifacts outside of the installation hierarchy. Affected releases are TIBCO Software Inc.'s TIBCO Rendezvous: versions 8.5.1 and below and TIBCO Rendezvous Developer Edition: versions 8.5.1 and below. | ||||
CVE-2019-0075 | 1 Juniper | 25 Csrx, Junos, Srx100 and 22 more | 2024-09-17 | 7.5 High |
A vulnerability in the srxpfe process on Protocol Independent Multicast (PIM) enabled SRX series devices may lead to crash of the srxpfe process and an FPC reboot while processing (PIM) messages. Sustained receipt of these packets may lead to an extended denial of service condition. Affected releases are Juniper Networks Junos OS on SRX Series: 12.3X48 versions prior to 12.3X48-D80; 15.1X49 versions prior to 15.1X49-D160; 17.3 versions prior to 17.3R3-S7 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R2; 18.3 versions prior to 18.3R2. | ||||
CVE-2004-2706 | 1 Phrozensmoke | 1 Gyach Enhanced | 2024-09-17 | N/A |
Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service (crash) via conference packets with error messages. | ||||
CVE-2012-6552 | 1 Phpvms | 1 Phpvms | 2024-09-17 | N/A |
Unspecified vulnerability in admin/action.php in phpVMS 2.1.x before 2.1.935 has unknown impact and attack vectors. | ||||
CVE-2020-4901 | 1 Ibm | 1 Robotic Process Automation With Automation Anywhere | 2024-09-17 | 6.5 Medium |
IBM Robotic Process Automation with Automation Anywhere 11.0 could allow an attacker on the network to obtain sensitive information or cause a denial of service through username enumeration. IBM X-Force ID: 190992. | ||||
CVE-2020-4635 | 2 Ibm, Redhat | 2 Soar, Enterprise Linux | 2024-09-17 | 5.3 Medium |
IBM Resilient SOAR 40 and earlier could disclose sensitive information by allowing a user to enumerate usernames. | ||||
CVE-2014-8533 | 1 Mcafee | 1 Network Data Loss Prevention | 2024-09-17 | N/A |
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to execute arbitrary code via vectors related to ICMP redirection. | ||||
CVE-2011-5133 | 1 Mybb | 1 Mybb | 2024-09-17 | N/A |
Unspecified vulnerability in MyBB before 1.6.5 has unknown impact and attack vectors, related to an "unparsed user avatar in the buddy list." | ||||
CVE-2017-20007 | 1 Ingeteam | 2 Ingepac Da Au, Ingepac Da Au Firmware | 2024-09-17 | 5.3 Medium |
Ingeteam INGEPAC DA AU AUC_1.13.0.28 (and before) web application allows access to a certain path that contains sensitive information that could be used by an attacker to execute more sophisticated attacks. An unauthenticated remote attacker with access to the deviceĀ“s web service could exploit this vulnerability in order to obtain different configuration files. | ||||
CVE-2017-1000361 | 1 Opendaylight | 1 Opendaylight | 2024-09-17 | N/A |
DOMRpcImplementationNotAvailableException when sending Port-Status packets to OpenDaylight. Controller launches exceptions and consumes more CPU resources. Component: OpenDaylight is vulnerable to this flaw. Version: The tested versions are OpenDaylight 3.3 and 4.0. | ||||
CVE-2022-41655 | 1 Algolplus | 1 Phone Orders For Woocommerce | 2024-09-17 | 4.3 Medium |
Auth. (subscriber+) Sensitive Data Exposure vulnerability in Phone Orders for WooCommerce plugin <= 3.7.1 on WordPress. | ||||
CVE-2018-3666 | 1 Intel | 1 Intel Smart Sound Technology | 2024-09-17 | N/A |
Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a non-paged pool overflow. | ||||
CVE-2018-13298 | 1 Synology | 1 Moments | 2024-09-17 | N/A |
Channel accessible by non-endpoint vulnerability in privacy page in Synology Android Moments before 1.2.3-199 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors. | ||||
CVE-2013-6244 | 1 Sap | 1 Netweaver | 2024-09-17 | N/A |
The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | ||||
CVE-2017-2703 | 1 Huawei | 4 Mate 9, Mate 9 Firmware, P9 and 1 more | 2024-09-17 | N/A |
Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier before EVA-DL10C00B373,Versions earlier before EVA-TL10C00B373 can be bypass. An attacker can bypass the Phone Finder by special steps and enter the System Setting. | ||||
CVE-2008-6549 | 1 Moinmo | 1 Moinmoin | 2024-09-17 | N/A |
The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors. | ||||
CVE-2020-4484 | 1 Ibm | 1 Urbancode Deploy | 2024-09-17 | 4.3 Medium |
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could disclose sensitive information to an authenticated user that could be used in further attacks against the system. IBM X-Force ID: 181858. | ||||
CVE-2012-3789 | 1 Bitcoin | 1 Bitcoin Core | 2024-09-17 | N/A |
Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.7rc3, 0.5.x before 0.5.6rc3, 0.6.0.x before 0.6.0.9rc1, and 0.6.x before 0.6.3rc1 allows remote attackers to cause a denial of service (process hang) via unknown behavior on a Bitcoin network. | ||||
CVE-2013-7363 | 1 Sap | 1 Solution Manager | 2024-09-17 | N/A |
Unspecified vulnerability in the Diagnostics (SMD) agent in SAP Solution Manager allows remote attackers to obtain sensitive information, modify the configuration of applications, and install or remove applications via vectors involving the P4 protocol. |