Total
29620 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-125036 | 1 Ansible-ntp Project | 1 Ansible-ntp | 2024-11-21 | 2.6 Low |
| A vulnerability, which was classified as problematic, has been found in drybjed ansible-ntp. Affected by this issue is some unknown functionality of the file meta/main.yml. The manipulation leads to insufficient control of network message volume. The attack can only be done within the local network. The complexity of an attack is rather high. The exploitation is known to be difficult. The patch is identified as ed4ca2cf012677973c220cdba36b5c60bfa0260b. It is recommended to apply a patch to fix this issue. VDB-217190 is the identifier assigned to this vulnerability. | ||||
| CVE-2014-0021 | 3 Chrony Project, Debian, Fedoraproject | 3 Chrony, Debian Linux, Fedora | 2024-11-21 | 7.5 High |
| Chrony before 1.29.1 has traffic amplification in cmdmon protocol | ||||
| CVE-2013-6927 | 1 Triplc | 1 Trilogi Server | 2024-11-21 | 5.5 Medium |
| Internet TRiLOGI Server (unknown versions) could allow a local user to bypass security and create a local user account. | ||||
| CVE-2013-6792 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| Google Android prior to 4.4 has an APK Signature Security Bypass Vulnerability | ||||
| CVE-2013-5657 | 1 Aultware | 1 Pwstore | 2024-11-21 | 7.5 High |
| AultWare pwStore 2010.8.30.0 has DoS via an empty HTTP request | ||||
| CVE-2013-4090 | 1 Varnish Cache Project | 1 Varnish Cache | 2024-11-21 | 7.5 High |
| Varnish HTTP cache before 3.0.4: ACL bug | ||||
| CVE-2013-3629 | 1 Ispconfig | 1 Ispconfig | 2024-11-21 | 8.8 High |
| ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution | ||||
| CVE-2013-2009 | 1 Automattic | 1 Wp Super Cache | 2024-11-21 | 8.8 High |
| WordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution | ||||
| CVE-2013-1924 | 1 Skill | 1 Commerce Skrill | 2024-11-21 | 7.5 High |
| Commerce Skrill (Formerly Moneybookers) has an Access bypass vulnerability in all versions prior to 7.x-1.2 | ||||
| CVE-2013-1202 | 1 Cisco | 1 Ace Application Control Engine Module A2 | 2024-11-21 | 7.5 High |
| Cisco ACE A2(3.6) allows log retention DoS. | ||||
| CVE-2012-4284 | 1 Sparklabs | 1 Viscosity | 2024-11-21 | 9.8 Critical |
| A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name validation issue in the setuid-set ViscosityHelper binary, which could let a remote malicious user execute arbitrary code | ||||
| CVE-2012-2142 | 4 Freedesktop, Opensuse, Redhat and 1 more | 4 Poppler, Opensuse, Enterprise Linux and 1 more | 2024-11-21 | 7.8 High |
| The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator. | ||||
| CVE-2012-1101 | 1 Systemd Project | 1 Systemd | 2024-11-21 | 5.5 Medium |
| systemd 37-1 does not properly handle non-existent services, which causes a denial of service (failure of login procedure). | ||||
| CVE-2012-0718 | 1 Ibm | 1 Tivoli Endpoint Manager | 2024-11-21 | 5.4 Medium |
| IBM Tivoli Endpoint Manager 8 does not set the HttpOnly flag on cookies. | ||||
| CVE-2011-4820 | 1 Ibm | 1 Rational Asset Manager | 2024-11-21 | 4.3 Medium |
| IBM Rational Asset Manager 7.5 could allow a remote attacker to bypass security restrictions. An attacker could exploit this vulnerability using the UID parameter to modify another user's preferences. | ||||
| CVE-2011-3614 | 1 Vanillaforums | 1 Vanilla | 2024-11-21 | 9.8 Critical |
| An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums before 2.0.17.9. | ||||
| CVE-2011-1930 | 2 Debian, Klibc Project | 2 Debian Linux, Klibc | 2024-11-21 | 9.8 Critical |
| In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DHCP options. | ||||
| CVE-2007-6745 | 2 Clamav, Debian | 2 Clamav, Debian Linux | 2024-11-21 | 9.8 Critical |
| clamav 0.91.2 suffers from a floating point exception when using ScanOLE2. | ||||
| CVE-2007-3732 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| In Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc calls a C function without ensuring that the segments are set properly. The kernel's %fs needs to be restored before the call in TRACE_IRQS_ON and before enabling interrupts, so that "current" references work. Without this, "current" used in the window between iret_exc and the middle of error_code where %fs is reset, would crash. | ||||
| CVE-2004-2776 | 1 Goscript Project | 1 Goscript | 2024-11-20 | 9.8 Critical |
| go.cgi in GoScript 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) query string or (2) artarchive parameter. | ||||