Total
29162 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-1998 | 1 Google | 1 Android | 2024-09-17 | N/A |
| In event_handler of keymaster_app.c, there is possible resource exhaustion due to a table being lost on reboot. This could lead to local denial of service that is not fixed by a factory reset, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-116055338. | ||||
| CVE-2017-9277 | 1 Novell | 1 Edirectory | 2024-09-17 | N/A |
| The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA. | ||||
| CVE-2017-1212 | 1 Ibm | 1 Daeja Viewone | 2024-09-17 | N/A |
| IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 is vulnerable to a denial of service when viewing or opening a large file. IBM X-Force ID: 123852. | ||||
| CVE-2021-39053 | 2 Ibm, Linux | 2 Spectrum Copy Data Management, Linux Kernel | 2024-09-17 | 7.5 High |
| IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to obtain sensitive information, caused by the improper handling of requests for Spectrum Copy Data Management Admin Console. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 214524. | ||||
| CVE-2021-43050 | 1 Tibco | 1 Businessconnect | 2024-09-17 | 8.4 High |
| The Auth Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition contains an easily exploitable vulnerability that allows an unauthenticated attacker with local access to obtain administrative usernames and passwords for the affected system. Affected releases are TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition: versions 1.1.0 and below. | ||||
| CVE-2019-9849 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-09-17 | 4.3 Medium |
| LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5. | ||||
| CVE-2018-0849 | 1 Microsoft | 3 Office, Office Compatibility Pack, Word | 2024-09-17 | N/A |
| Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807. | ||||
| CVE-2011-0849 | 1 Oracle | 1 Java Dynamic Management Kit | 2024-09-17 | N/A |
| Unspecified vulnerability in Oracle Java Dynamic Management Kit 5.1 allows remote attackers to affect integrity, related to HTML Adaptor. | ||||
| CVE-2019-0063 | 1 Juniper | 18 Junos, Mx10, Mx10003 and 15 more | 2024-09-17 | 6.5 Medium |
| When an MX Series Broadband Remote Access Server (BRAS) is configured as a Broadband Network Gateway (BNG) with DHCPv6 enabled, jdhcpd might crash when receiving a specific crafted DHCP response message on a subscriber interface. The daemon automatically restarts without intervention, but continuous receipt of specific crafted DHCP messages will repeatedly crash jdhcpd, leading to an extended Denial of Service (DoS) condition. This issue only affects systems configured with DHCPv6 enabled. DHCPv4 is unaffected by this issue. This issue affects Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S5 on MX Series; 16.1 versions prior to 16.1R7-S5 on MX Series; 16.2 versions prior to 16.2R2-S10 on MX Series; 17.1 versions prior to 17.1R3-S1 on MX Series; 17.2 versions prior to 17.2R3-S2 on MX Series; 17.3 versions prior to 17.3R3-S6 on MX Series; 17.4 versions prior to 17.4R2-S5, 17.4R3 on MX Series; 18.1 versions prior to 18.1R3-S6 on MX Series; 18.2 versions prior to 18.2R2-S4, 18.2R3 on MX Series; 18.2X75 versions prior to 18.2X75-D50 on MX Series; 18.3 versions prior to 18.3R1-S5, 18.3R3 on MX Series; 18.4 versions prior to 18.4R2 on MX Series; 19.1 versions prior to 19.1R1-S2, 19.1R2 on MX Series. | ||||
| CVE-2012-2792 | 1 Ffmpeg | 1 Ffmpeg | 2024-09-17 | N/A |
| Unspecified vulnerability in the decode_init function in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the samples per frame. | ||||
| CVE-2011-0850 | 1 Oracle | 1 Peoplesoft Enterprise Customer Relationship Management | 2024-09-17 | N/A |
| Unspecified vulnerability in Oracle PeopleSoft Enterprise CRM 8.9 Bundle #41 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Order Capture. | ||||
| CVE-2019-0112 | 1 Intel | 1 Data Center Manager | 2024-09-17 | N/A |
| Improper flow control in crypto routines for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable a denial of service via local access. | ||||
| CVE-2000-1245 | 1 Novell | 2 Netware, Netware Ftp Server | 2024-09-17 | N/A |
| Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors. | ||||
| CVE-2018-9934 | 1 Metinfo | 1 Metinfo | 2024-09-17 | N/A |
| The reset-password feature in MetInfo 6.0 allows remote attackers to change arbitrary passwords via vectors involving a Host HTTP header that is modified to specify a web server under the attacker's control. | ||||
| CVE-2021-29700 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-17 | 4.3 Medium |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authneticated attacker to obtain sensitive information from configuration files that could aid in further attacks against the system. IBM X-Force ID: 200656. | ||||
| CVE-2017-12624 | 2 Apache, Redhat | 3 Cxf, Jboss Enterprise Application Platform, Jboss Single Sign On | 2024-09-17 | N/A |
| Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications. It is possible to craft a message attachment header that could lead to a Denial of Service (DoS) attack on a CXF web service provider. Both JAX-WS and JAX-RS services are vulnerable to this attack. From Apache CXF 3.2.1 and 3.1.14, message attachment headers that are greater than 300 characters will be rejected by default. This value is configurable via the property "attachment-max-header-size". | ||||
| CVE-2018-6290 | 1 Kaspersky | 1 Secure Mail Gateway | 2024-09-17 | N/A |
| Local Privilege Escalation in Kaspersky Secure Mail Gateway version 1.1. | ||||
| CVE-2018-0940 | 1 Microsoft | 1 Exchange Server | 2024-09-17 | N/A |
| Microsoft Exchange Outlook Web Access (OWA) in Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013 Cumulative Update 18, Microsoft Exchange Server 2013 Cumulative Update 19, Microsoft Exchange Server 2013 Service Pack 1, Microsoft Exchange Server 2016 Cumulative Update 7, and Microsoft Exchange Server 2016 Cumulative Update 8 allows an elevation of privilege vulnerability due to how links in the body of an email message are rewritten, aka "Microsoft Exchange Elevation of Privilege Vulnerability". | ||||
| CVE-2014-8530 | 1 Mcafee | 1 Network Data Loss Prevention | 2024-09-17 | N/A |
| Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to obtain sensitive information, affect integrity, or cause a denial of service via unknown vectors, related to simultaneous logins. | ||||
| CVE-2018-7522 | 1 Schneider-electric | 2 Triconex Tricon Mp 3008, Triconex Tricon Mp 3008 Firmware | 2024-09-17 | N/A |
| In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. Modifying the data in this location could allow attackers to gain supervisor-level access and control system states. | ||||