Total
29099 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-5218 | 1 Dupehunter | 1 Dupehunter | 2024-09-17 | N/A |
| Untrusted search path vulnerability in Dupehunter 9.0.0.3911 allows local users to gain privileges via a Trojan horse Fwpuclnt.dll file in the current working directory, as demonstrated by a directory that contains a .dhjb file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2003-1516 | 1 Sun | 1 Java Plug-in | 2024-09-17 | N/A |
| The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet. | ||||
| CVE-2004-2317 | 1 Mbedthis Software | 1 Mbedthis Appweb Http Server | 2024-09-17 | N/A |
| Information leak in Mbedthis AppWeb HTTP server 1.0 through 1.1.2 allows remote attackers to obtain sensitive information via a user message that is generated when Mbedthis denies access. | ||||
| CVE-2022-28761 | 1 Zoom | 1 Zoom On-premise Meeting Connector Mmr | 2024-09-17 | 6.5 Medium |
| Zoom On-Premise Meeting Connector MMR before version 4.8.20220916.131 contains an improper access control vulnerability. As a result, a malicious actor in a meeting or webinar they are authorized to join could prevent participants from receiving audio and video causing meeting disruptions. | ||||
| CVE-2022-0026 | 2 Microsoft, Paloaltonetworks | 2 Windows, Cortex Xdr Agent | 2024-09-17 | 6.7 Medium |
| A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This issue impacts all versions of Cortex XDR agent without content update 330 or a later content update version. | ||||
| CVE-2012-1365 | 1 Cisco | 1 Unified Computing System Infrastructure And Unified Computing System Software | 2024-09-17 | N/A |
| Cisco Unified Computing System (UCS) 1.4 and 2.0 allows remote authenticated users to cause a denial of service (device reload) via a malformed SNMP request to a Fabric Interconnect (FI) device, aka Bug ID CSCts32463. | ||||
| CVE-2005-1582 | 1 1two | 1 1two News | 2024-09-17 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for 1Two News 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) nom, (2) email, (3) siteweb, or (4) commentaire variables. | ||||
| CVE-2005-1581 | 1 Eric Fichot | 1 Bug Report | 2024-09-17 | N/A |
| Cross-site scripting (XSS) vulnerability in Bug Report 1.0 allows remote attackers to inject arbitrary web script or HTML via various fields to bug_report.php, which are not filtered or quoted when processed by bug_list.php or admin/index.php. | ||||
| CVE-2007-1408 | 1 Vallheru | 1 Vallheru | 2024-09-17 | N/A |
| Multiple vulnerabilities in (1) bank.php, (2) landfill.php, (3) outposts.php, (4) tribes.php, (5) house.php, (6) tribearmor.php, (7) tribeastral.php, (8) tribeware.php, and (9) includes/head.php in Bartek Jasicki Vallheru before 1.3 beta have unknown impact and remote attack vectors, probably related to large integer values containing more than 15 digits. NOTE: the original vendor report is for integer overflows, but this is probably an incorrect usage of the term. | ||||
| CVE-2003-0784 | 1 Ibm | 1 Aix | 2024-09-17 | N/A |
| Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers. | ||||
| CVE-2021-28579 | 1 Adobe | 1 Connect | 2024-09-17 | 4.3 Medium |
| Adobe Connect version 11.2.1 (and earlier) is affected by an Improper access control vulnerability that can lead to the elevation of privileges. An attacker with 'Learner' permissions can leverage this scenario to access the list of event participants. | ||||
| CVE-2005-2283 | 1 Esi Products | 1 Webeoc | 2024-09-17 | N/A |
| WebEOC before 6.0.2 does not properly restrict the size of an uploaded file, which allows remote authenticated users to cause a denial of service (system and database resource consumption) via a large file. | ||||
| CVE-2005-4842 | 1 Microsoft | 1 Internet Explorer | 2024-09-17 | N/A |
| The System Monitor Source Properties control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. | ||||
| CVE-2006-6470 | 1 Xerox | 1 Workcentre | 2024-09-17 | N/A |
| The SNMP Agent in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 returns no error for a non-writable object, which has unknown impact and attack vectors. NOTE: due to the vagueness of the advisory, it is not clear whether this is a vulnerability, or a bug in a security feature. | ||||
| CVE-2006-3415 | 1 Tor | 1 Tor | 2024-09-17 | N/A |
| Tor before 0.1.1.20 uses improper logic to validate the "OR" destination, which allows remote attackers to perform a man-in-the-middle (MITM) attack via unspecified vectors. | ||||
| CVE-2010-2619 | 1 Citrix | 1 Xenserver | 2024-09-17 | N/A |
| Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger "incorrectly set flags." | ||||
| CVE-2002-1799 | 1 Phprank | 1 Phprank | 2024-09-17 | N/A |
| Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) email parameter to add.php or (2) banurl parameter. | ||||
| CVE-2005-3630 | 1 Redhat | 1 Fedora Core | 2024-09-17 | N/A |
| Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives. | ||||
| CVE-2003-0677 | 1 Cisco | 1 Webns | 2024-09-17 | N/A |
| Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure." | ||||
| CVE-2002-1948 | 1 Gringotts | 1 Gringotts | 2024-09-17 | N/A |
| Multiple buffer overflows in Gringotts 0.5.9 allows local users to execute arbitrary commands via unknown attack vectors. | ||||