Total
12273 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-4576 | 2 Debian, Freebsd | 2 Debian Linux, Freebsd | 2024-11-21 | 7.8 High |
| FreeBSD: Input Validation Flaw allows local users to gain elevated privileges | ||||
| CVE-2012-4524 | 2 Fedoraproject, Sillycycle | 2 Fedora, Xlockmore | 2024-11-21 | 7.5 High |
| xlockmore before 5.43 'dclock' security bypass vulnerability | ||||
| CVE-2012-4438 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 8.8 High |
| Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code. | ||||
| CVE-2012-4030 | 1 Chamilo | 1 Chamilo Lms | 2024-11-21 | 7.5 High |
| Chamilo before 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote attackers to delete arbitrary files. | ||||
| CVE-2012-3543 | 3 Canonical, Debian, Mono-project | 3 Ubuntu Linux, Debian Linux, Mono | 2024-11-21 | 7.5 High |
| mono 2.10.x ASP.NET Web Form Hash collision DoS | ||||
| CVE-2012-3460 | 1 Redhat | 1 Enterprise Mrg | 2024-11-21 | 9.8 Critical |
| cumin: At installation postgresql database user created without password | ||||
| CVE-2012-3409 | 2 Debian, Ecryptfs | 2 Debian Linux, Ecryptfs-utils | 2024-11-21 | 7.8 High |
| ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation | ||||
| CVE-2012-3338 | 1 Ibm | 1 Infosphere Guardium | 2024-11-21 | 5.3 Medium |
| IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the create new user account functionality. An attacker could exploit this vulnerability to create unprivileged user accounts. IBM X-Force ID: 78286. | ||||
| CVE-2012-2350 | 2 Debian, Pam Shield Project | 2 Debian Linux, Pam Shield | 2024-11-21 | 7.5 High |
| pam_shield before 0.9.4: Default configuration does not perform protective action | ||||
| CVE-2012-2248 | 2 Debian, Dhclient Project | 2 Debian Linux, Dhclient | 2024-11-21 | 8.1 High |
| An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable. | ||||
| CVE-2012-1326 | 1 Cisco | 1 Ironport Web Security Appliance | 2024-11-21 | 7.4 High |
| Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks | ||||
| CVE-2012-1168 | 3 Fedoraproject, Moodle, Redhat | 3 Fedora, Moodle, Enterprise Linux | 2024-11-21 | 8.2 High |
| Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified. | ||||
| CVE-2012-0694 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 9.8 Critical |
| SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote attackers to execute arbitrary PHP code. | ||||
| CVE-2012-0334 | 1 Cisco | 1 Ironport Web Security Appliance | 2024-11-21 | 6.4 Medium |
| Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks | ||||
| CVE-2012-0051 | 2 Debian, Tahoe-lafs | 2 Debian Linux, Tahoe-lafs | 2024-11-21 | 7.4 High |
| Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval. | ||||
| CVE-2011-4968 | 2 Debian, F5 | 2 Debian Linux, Nginx | 2024-11-21 | 4.8 Medium |
| nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM) | ||||
| CVE-2011-4967 | 2 Openpegasus, Redhat | 2 Tog-pegasus, Enterprise Linux | 2024-11-21 | 7.5 High |
| tog-Pegasus has a package hash collision DoS vulnerability | ||||
| CVE-2011-4904 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 6.5 Medium |
| TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services. | ||||
| CVE-2011-4902 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 6.5 Medium |
| TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to delete arbitrary files on the webserver. | ||||
| CVE-2011-4310 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | 7.5 High |
| The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles. | ||||