Total
28586 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-1438 | 3 Ibm, Linux, Microsoft | 4 Db2, Db2 Connect, Linux Kernel and 1 more | 2024-09-17 | N/A |
IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057. | ||||
CVE-2021-0237 | 1 Juniper | 11 Ex4300-mp, Ex4600, Ex4650 and 8 more | 2024-09-17 | 6.5 Medium |
On Juniper Networks EX4300-MP Series, EX4600 Series, EX4650 Series, QFX5K Series deployed as a Virtual Chassis with a specific Layer 2 circuit configuration, Packet Forwarding Engine manager (FXPC) process may crash and restart upon receipt of specific layer 2 frames. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS on EX4300-MP Series, EX4600 Series, EX4650 Series, QFX5K Series 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4, 17.4R3-S5; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S7, 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S1; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2, 20.2R3; 20.3 versions prior to 20.3R1-S2, 20.3R2; | ||||
CVE-2019-0088 | 1 Intel | 1 System Support Utility | 2024-09-17 | N/A |
Insufficient path checking in Intel(R) System Support Utility for Windows before 2.5.0.15 may allow an authenticated user to potentially enable an escalation of privilege via local access. | ||||
CVE-2017-0753 | 1 Google | 1 Android | 2024-09-17 | N/A |
A remote code execution vulnerability in the Android libraries (libgdx). Product: Android. Versions: 7.1.1, 7.1.2, 8.0. Android ID: A-62218744. | ||||
CVE-2017-7970 | 1 Schneider-electric | 3 Citect Anywhere, Powerscada Anywhere, Powerscada Expert | 2024-09-17 | N/A |
A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 that allows the ability to specify Arbitrary Server Target Nodes in connection requests to the Secure Gateway and Server components. | ||||
CVE-2017-1714 | 1 Ibm | 2 Client Application Access, Notes | 2024-09-17 | N/A |
IBM Notes and Domino NSD 8.5 and 9.0 could allow an authenticated local user without administrative privileges to gain System privilege. IBM X-Force ID: 134633. | ||||
CVE-2017-6266 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-09-17 | N/A |
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where improper access controls could allow unprivileged users to cause a denial of service. | ||||
CVE-2013-5765 | 1 Oracle | 1 Peoplesoft Products | 2024-09-17 | N/A |
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect availability via vectors related to XML Publisher. | ||||
CVE-2019-0064 | 1 Juniper | 4 Junos, Srx5400, Srx5600 and 1 more | 2024-09-17 | 7.5 High |
On SRX5000 Series devices, if 'set security zones security-zone <zone> tcp-rst' is configured, the flowd process may crash when a specific TCP packet is received by the device and triggers a new session. The process restarts automatically. However, receipt of a constant stream of these TCP packets may result in an extended Denial of Service (DoS) condition on the device. This issue affects Juniper Networks Junos OS: 18.2R3 on SRX 5000 Series; 18.4R2 on SRX 5000 Series; 19.2R1 on SRX 5000 Series. | ||||
CVE-2018-0808 | 1 Microsoft | 1 Asp.net Core | 2024-09-17 | N/A |
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how ASP.NET web applications handle web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0784. | ||||
CVE-2011-0844 | 1 Oracle | 1 Sun Products Suite | 2024-09-17 | N/A |
Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication. | ||||
CVE-2020-1638 | 1 Juniper | 11 Junos, Junos Os Evolved, Mx10003 and 8 more | 2024-09-17 | 7.5 High |
The FPC (Flexible PIC Concentrator) of Juniper Networks Junos OS and Junos OS Evolved may restart after processing a specific IPv4 packet. Only packets destined to the device itself, successfully reaching the RE through existing edge and control plane filtering, will be able to cause the FPC restart. When this issue occurs, all traffic via the FPC will be dropped. By continuously sending this specific IPv4 packet, an attacker can repeatedly crash the FPC, causing an extended Denial of Service (DoS) condition. This issue can only occur when processing a specific IPv4 packet. IPv6 packets cannot trigger this issue. This issue affects: Juniper Networks Junos OS on MX Series with MPC10E or MPC11E and PTX10001: 19.2 versions prior to 19.2R1-S4, 19.2R2; 19.3 versions prior to 19.3R2-S2, 19.3R3; 19.4 versions prior to 19.4R1-S1, 19.4R2. Juniper Networks Junos OS Evolved on on QFX5220, and PTX10003 series: 19.2-EVO versions; 19.3-EVO versions; 19.4-EVO versions prior to 19.4R2-EVO. This issue does not affect Junos OS versions prior to 19.2R1. This issue does not affect Junos OS Evolved versions prior to 19.2R1-EVO. | ||||
CVE-2019-11208 | 1 Tibco | 1 Api Exchange Gateway | 2024-09-17 | 9.9 Critical |
The authorization component of TIBCO Software Inc.'s TIBCO API Exchange Gateway, and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically processes OAuth authorization incorrectly, leading to potential escalation of privileges for the specific customer endpoint, when the implementation uses multiple scopes. This issue affects: TIBCO Software Inc.'s TIBCO API Exchange Gateway version 2.3.1 and prior versions, and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric version 2.3.1 and prior versions. | ||||
CVE-2019-4131 | 1 Ibm | 1 Cloud Application Performance Management | 2024-09-17 | 5.3 Medium |
IBM Application Performance Management (IBM Monitoring 8.1.4) could allow a remote attacker to induce the application to perform server-side DNS lookups of arbitrary domain names. IBM X-Force ID: 158270. | ||||
CVE-2012-1997 | 1 Hp | 1 Systems Insight Manager | 2024-09-17 | N/A |
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-1998. | ||||
CVE-2020-4362 | 1 Ibm | 1 Websphere Application Server | 2024-09-17 | 8.8 High |
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to a privilege escalation vulnerability when using token-based authentication in an admin request over the SOAP connector. IBM X-Force ID: 178929. | ||||
CVE-2012-4343 | 1 Menalto | 1 Gallery | 2024-09-17 | N/A |
Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow attackers to execute arbitrary PHP code via unknown vectors. | ||||
CVE-2018-1796 | 1 Ibm | 1 Informix Dynamic Server | 2024-09-17 | 7.8 High |
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user to load malicious libraries and gain root privileges. IBM X-Force ID: 149426. | ||||
CVE-2018-17012 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-09-17 | N/A |
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for hosts_info set_block_flag up_limit. | ||||
CVE-2018-0845 | 1 Microsoft | 3 Office, Office Compatibility Pack, Word | 2024-09-17 | N/A |
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807. |