Total
32783 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-2201 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 7.5 High |
| IBM WebSphere MQ 7.1 is vulnerable to a denial of service, caused by an error when handling user ids. A remote attacker could exploit this vulnerability to bypass the security configuration setup on a SVRCONN channel and flood the queue manager. | ||||
| CVE-2012-1567 | 1 Linuxmint | 1 Linuxmint | 2024-11-21 | 7.5 High |
| LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintUpdate. | ||||
| CVE-2012-1566 | 1 Linuxmint | 1 Linuxmint | 2024-11-21 | 7.5 High |
| LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintNanny. | ||||
| CVE-2012-10016 | 1 Halulu | 1 Simple-download-button-shortcode | 2024-11-21 | 4.3 Medium |
| A vulnerability classified as problematic has been found in Halulu simple-download-button-shortcode Plugin 1.0 on WordPress. Affected is an unknown function of the file simple-download-button_dl.php of the component Download Handler. The manipulation of the argument file leads to information disclosure. It is possible to launch the attack remotely. Upgrading to version 1.1 is able to address this issue. The patch is identified as e648a8706818297cf02a665ae0bae1c069dea5f1. It is recommended to upgrade the affected component. VDB-242190 is the identifier assigned to this vulnerability. | ||||
| CVE-2012-0063 | 1 Tucaneando | 1 Tucan | 2024-11-21 | 8.1 High |
| Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man-in-the-middle attacks and execute arbitrary code ith the permissions of the user running tucan. | ||||
| CVE-2011-5331 | 1 Distributed Ruby Project | 1 Distributed Ruby | 2024-11-21 | 9.8 Critical |
| Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval. | ||||
| CVE-2011-5330 | 1 Distributed Ruby Project | 1 Distributed Ruby | 2024-11-21 | 9.8 Critical |
| Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls. | ||||
| CVE-2011-4943 | 1 Impresspages | 1 Impresspages Cms | 2024-11-21 | 9.8 Critical |
| ImpressPages CMS v1.0.12 has Unspecified Remote Code Execution (fixed in v1.0.13) | ||||
| CVE-2011-4917 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat. | ||||
| CVE-2011-4117 | 1 Cpan | 1 Batch\ | 2024-11-21 | 7.5 High |
| The Batch::BatchRun module 1.03 for Perl does not properly handle temporary files. | ||||
| CVE-2011-4115 | 1 Cpan | 1 Parallel\ | 2024-11-21 | 7.5 High |
| Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files. | ||||
| CVE-2011-3621 | 1 Fluxbb | 1 Fluxbb | 2024-11-21 | 9.8 Critical |
| A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled. | ||||
| CVE-2011-2668 | 1 Mozilla | 1 Firefox | 2024-11-21 | 8.8 High |
| Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header | ||||
| CVE-2011-2177 | 1 Apache | 1 Openoffice | 2024-11-21 | 7.8 High |
| OpenOffice.org v3.3 allows execution of arbitrary code with the privileges of the user running the OpenOffice.org suite tools. | ||||
| CVE-2011-1517 | 1 Sap | 1 Netweaver | 2024-11-21 | 9.8 Critical |
| SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash. | ||||
| CVE-2009-1120 | 1 Dell | 1 Emc Replistor | 2024-11-21 | 9.8 Critical |
| EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker. | ||||
| CVE-2005-2354 | 1 Nvu | 1 Nvu | 2024-11-20 | 9.8 Critical |
| Nvu 0.99+1.0pre uses an old copy of Mozilla XPCOM which can result in multiple security issues. | ||||
| CVE-2003-5001 | 1 Ibm | 1 Iss Blackice Pc Protection | 2024-11-20 | 5.3 Medium |
| A vulnerability was found in ISS BlackICE PC Protection and classified as critical. Affected by this issue is the component Cross Site Scripting Detection. The manipulation as part of POST/PUT/DELETE/OPTIONS Request leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2024-50968 | 1 Adonesevangelista | 2 Agri-trading Online Shopping System, Trading Online Shopping System | 2024-11-20 | 7.5 High |
| A business logic vulnerability exists in the Add to Cart function of itsourcecode Agri-Trading Online Shopping System 1.0, which allows remote attackers to manipulate the quant parameter when adding a product to the cart. By setting the quantity value to -0, an attacker can exploit a flaw in the application's total price calculation logic. This vulnerability causes the total price to be reduced to zero, allowing the attacker to add items to the cart and proceed to checkout. | ||||
| CVE-2023-35686 | 1 Google | 1 Android | 2024-11-20 | 7.8 High |
| In PVRSRVRGXKickTA3DKM of rgxta3d.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||