Total: 29099 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-28450 | 1 Decal Project | 1 Decal | 2024-09-17 | 8.6 High |
This affects all versions of package decal. The vulnerability is in the extend function. | ||||
CVE-2022-38388 | 1 Ibm | 1 Navigator Mobile | 2024-09-17 | 5.5 Medium |
IBM Navigator Mobile Android 3.4.1.1 and 3.4.1.2 app could allow a local user to obtain sensitive information due to improper access control. IBM X-Force ID: 233968. | ||||
CVE-2021-26338 | 1 Amd | 88 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 85 more | 2024-09-17 | 7.5 High |
Improper access controls in System Management Unit (SMU) may allow for an attacker to override performance control tables located in DRAM resulting in a potential lack of system resources. | ||||
CVE-2022-25921 | 1 Morgan-json Project | 1 Morgan-json | 2024-09-17 | 8.1 High |
All versions of package morgan-json are vulnerable to Arbitrary Code Execution due to missing sanitization of input passed to the Function constructor. | ||||
CVE-2010-5238 | 1 Cyberlink | 1 Powerdirector | 2024-09-17 | N/A |
Untrusted search path vulnerability in CyberLink PowerDirector 8.00.3022 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdl, .iso, .pds, .p2g, or .p2i file. NOTE: some of these details are obtained from third party information. | ||||
CVE-2002-2408 | 1 Gordano | 1 Ntmail | 2024-09-17 | N/A |
Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters email messages for the first recipient, which allows remote attackers to bypass JUCE filters by sending a message to more than one user on the GMS server. | ||||
CVE-2021-42332 | 1 Xinheinformation | 1 Xinhe Teaching Platform System | 2024-09-17 | 4.3 Medium |
The “List View” function of ShinHer StudyOnline System is not under authority control. After logging in with user’s privilege, remote attackers can access the content of other users’ message boards by crafting URL parameters. | ||||
CVE-2021-36776 | 1 Rancher | 1 Rancher | 2024-09-17 | 8.8 High |
An Improper Access Control vulnerability in SUSE Rancher allows remote attackers to impersonate arbitrary users. This issue affects: SUSE Rancher Rancher versions prior to 2.5.10. | ||||
CVE-2021-40339 | 1 Hitachi | 1 Linkone | 2024-09-17 | 3.7 Low |
Configuration vulnerability in Hitachi Energy LinkOne application due to the lack of HTTP Headers, allows an attacker that manages to exploit this vulnerability to retrieve sensitive information. This issue affects: Hitachi Energy LinkOne 3.20; 3.22; 3.23; 3.24; 3.25; 3.26. | ||||
CVE-2002-2163 | 1 Killervault | 1 Kvpoll | 2024-09-17 | N/A |
KvPoll 1.1 allows remote authenticated users to vote more than once by setting the "already_voted" cookie by various methods, including a direct call to clear_cookies.php. | ||||
CVE-2005-0991 | 1 Ibm | 1 Aix | 2024-09-17 | N/A |
RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location for temporary files," which allows local users to have an unknown impact, probably by overwriting files. | ||||
CVE-2005-2286 | 1 Esi Products | 1 Webeoc | 2024-09-17 | N/A |
WebEOC before 6.0.2 does not properly check user authorization, which allows remote attackers to gain privileges via a direct request to a resource. | ||||
CVE-2006-4526 | 1 Devellion | 1 Cubecart | 2024-09-17 | N/A |
SQL injection vulnerability in includes/content/viewCat.inc.php in CubeCart 3.0.12 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the searchArray[] parameter. | ||||
CVE-2005-0886 | 1 Invision Power Services | 1 Invision Board | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request. | ||||
CVE-2010-3125 | 1 Wolterskluwer | 1 Teammate Audit Management Software Suite | 2024-09-17 | N/A |
Untrusted search path vulnerability in TeamMate Audit Management Software Suite 8.0 patch 2 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc71enu.dll that is located in the same folder as a .tmx file. | ||||
CVE-2020-7066 | 5 Debian, Opensuse, Php and 2 more | 6 Debian Linux, Leap, Php and 3 more | 2024-09-17 | 5.3 Medium |
In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server. | ||||
CVE-2002-1859 | 1 Orionserver | 1 Orion Application Server | 2024-09-17 | N/A |
Orion Application Server 1.5.3, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | ||||
CVE-2005-1859 | 1 Sgi | 1 Propack | 2024-09-17 | N/A |
Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ProPack 3 with SP 5 and 6, and SGI ProPack 4, allows local users to execute arbitrary shells as root on other hosts in the cluster or array. | ||||
CVE-2019-11044 | 3 Fedoraproject, Php, Tenable | 3 Fedora, Php, Securitycenter | 2024-09-17 | 3.7 Low |
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access. | ||||
CVE-2002-2225 | 1 Safenet | 1 Softremote Vpn Client | 2024-09-17 | N/A |
SafeNet VPN client allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly involving buffer overflows using (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload. |