Total
29171 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-35614 | 1 Joomla | 1 Joomla\! | 2024-09-16 | 5.3 Medium |
An issue was discovered in Joomla! 3.9.0 through 3.9.22. Improper handling of the username leads to a user enumeration attack vector in the backend login page. | ||||
CVE-2019-16021 | 1 Cisco | 20 Asr 9000, Asr 9010, Asr 9904 and 17 more | 2024-09-16 | 7.5 High |
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer. | ||||
CVE-2013-4838 | 1 Hp | 1 Loadrunner | 2024-09-16 | N/A |
Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850. | ||||
CVE-2011-4513 | 1 Siemens | 5 Simatic Hmi Panels, Wincc, Wincc Flexible and 2 more | 2024-09-16 | N/A |
Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the HMI web server and runtime loader. | ||||
CVE-2018-17014 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-09-16 | N/A |
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for ip_mac_bind name. | ||||
CVE-2011-0939 | 1 Cisco | 2 Ios, Ios Xe | 2024-09-16 | N/A |
Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCth03022. | ||||
CVE-2017-8570 | 1 Microsoft | 1 Office | 2024-09-16 | N/A |
Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243. | ||||
CVE-2010-1731 | 2 Google, Htc | 2 Chrome, Hero | 2024-09-16 | N/A |
Google Chrome on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop. | ||||
CVE-2017-5534 | 1 Tibco | 1 Tibbr | 2024-09-16 | N/A |
The tibbr user profiles components of tibbr Community, and tibbr Enterprise expose a weakness in an improperly sandboxed third-party component. Affected releases are TIBCO Software Inc. tibbr Community 5.2.1 and below; 6.0.0; 6.0.1; 7.0.0, tibbr Enterprise 5.2.1 and below; 6.0.0; 6.0.1; 7.0.0. | ||||
CVE-2017-8959 | 1 Hp | 4 Msa 1040 San Storage, Msa 1040 San Storage Firmware, Msa 2040 San Storage and 1 more | 2024-09-16 | N/A |
An Authentication Bypass vulnerability in HPE MSA 1040 and HPE MSA 2040 SAN Storage in version GL220P008 and earlier and was found. | ||||
CVE-2020-4382 | 2 Ibm, Linux | 2 Elastic Storage Server, Linux Kernel | 2024-09-16 | 5.5 Medium |
IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.5 could allow an authenticated user to cause a denial of service during deployment or upgrade pertaining to xcat services. IBM X-Force ID: 179163. | ||||
CVE-2011-0854 | 1 Oracle | 1 Peoplesoft Enterprise Hrms | 2024-09-16 | N/A |
Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.1 Bundle #5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to ePerformance. | ||||
CVE-2020-5017 | 2 Ibm, Linux | 2 Spectrum Protect, Linux Kernel | 2024-09-16 | 5.5 Medium |
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to information beyond their intended role and permissions. IBM X-Force ID: 193653. | ||||
CVE-2012-3266 | 1 Hp | 4 Ibrix, Ibrix X9300, Ibrix X9320 and 1 more | 2024-09-16 | N/A |
Unspecified vulnerability in IBRIX 6.1.196 through 6.1.251 on HP IBRIX X9000 Storage allows remote attackers to obtain sensitive information via unknown vectors. | ||||
CVE-2022-22444 | 1 Ibm | 2 Aix, Vios | 2024-09-16 | 5.5 Medium |
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID: 224444. | ||||
CVE-2021-29719 | 2 Ibm, Netapp | 2 Cognos Analytics, Oncommand Insight | 2024-09-16 | 5.3 Medium |
IBM Cognos Analytics 11.1.7 and 11.2.0 could be vulnerable to client side vulnerabilties due to a web response specifying an incorrect content type. IBM X-Force ID: 201091 | ||||
CVE-2021-26382 | 1 Amd | 70 Ryzen 3 3200u, Ryzen 3 3200u Firmware, Ryzen 3 3250u and 67 more | 2024-09-16 | 4.4 Medium |
An attacker with root account privileges can load any legitimately signed firmware image into the Audio Co-Processor (ACP,) irrespective of the respective signing key being declared as usable for authenticating an ACP firmware image, potentially resulting in a denial of service. | ||||
CVE-2020-14165 | 1 Atlassian | 2 Jira, Jira Software Data Center | 2024-09-16 | 5.3 Medium |
The UniversalAvatarResource.getAvatars resource in Jira Server and Data Center before version 8.9.0 allows remote attackers to obtain information about custom project avatars names via an Improper authorization vulnerability. | ||||
CVE-2018-1684 | 1 Ibm | 1 Websphere Mq | 2024-09-16 | N/A |
IBM WebSphere MQ 8.0 through 9.1 is vulnerable to a error with MQTT topic string publishing that can cause a denial of service attack. IBM X-Force ID: 145456. | ||||
CVE-2013-4652 | 1 Siemens | 17 Scalance W700 Series Firmware, Scalance W744-1, Scalance W744-1pro and 14 more | 2024-09-16 | N/A |
Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary code via a (1) SSH or (2) TELNET connection. |