Export limit exceeded: 12174 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (12174 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-7212 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2025-04-12 | N/A |
| Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow remote attackers to execute arbitrary code via a crafted image file, aka "Windows Remote Code Execution Vulnerability." | ||||
| CVE-2015-5176 | 1 Redhat | 2 Jboss Enterprise Portal Platform, Jboss Portal | 2025-04-12 | N/A |
| The PortletRequestDispatcher in PortletBridge, as used in Red Hat JBoss Portal 6.2.0, does not properly enforce the security constraints of servlets, which allows remote attackers to gain access to resources via a request that asks to render a non-JSF resource. | ||||
| CVE-2016-6825 | 1 Huawei | 12 Rh1288 V3 Server, Rh1288 V3 Server Firmware, Rh2288 V3 Server and 9 more | 2025-04-12 | N/A |
| Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, and RH2288H V3 servers with software before V100R003C00SPC515 allow remote attackers to obtain passwords via a brute-force attack, related to "lack of authentication protection mechanisms." | ||||
| CVE-2016-1710 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-04-12 | N/A |
| The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not prevent window creation by a deferred frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. | ||||
| CVE-2015-6675 | 1 Siemens | 1 Ruggedcom Rugged Operating System | 2025-04-12 | N/A |
| Siemens RUGGEDCOM ROS 3.8.0 through 4.1.x permanently enables the IP forwarding feature, which allows remote attackers to bypass a VLAN isolation protection mechanism via IP traffic. | ||||
| CVE-2016-2243 | 3 Hp, Samsung, Zyxel | 30 1000 Series Firmware, 700 Series Firmware, 800 Series Firmware and 27 more | 2025-04-12 | N/A |
| Sure Start on HP Commercial PCs 2015 allows local users to cause a denial of service (BIOS recovery failure) by leveraging administrative access. | ||||
| CVE-2016-5130 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-04-12 | N/A |
| content/renderer/history_controller.cc in Google Chrome before 52.0.2743.82 does not properly restrict multiple uses of a JavaScript forward method, which allows remote attackers to spoof the URL display via a crafted web site. | ||||
| CVE-2016-5133 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-04-12 | N/A |
| Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication, which allows man-in-the-middle attackers to spoof a proxy-authentication login prompt or trigger incorrect credential storage by modifying the client-server data stream. | ||||
| CVE-2016-2887 | 2 Ibm, Microsoft | 2 Ims Enterprise Suite, .net Framework | 2025-04-12 | N/A |
| IBM IMS Enterprise Suite Data Provider before 3.2.0.1 for Microsoft .NET allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. | ||||
| CVE-2016-1905 | 2 Kubernetes, Redhat | 2 Kubernetes, Openshift | 2025-04-12 | N/A |
| The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object. | ||||
| CVE-2016-0392 | 1 Ibm | 2 Elastic Storage Server, General Parallel File System Storage Server | 2025-04-12 | N/A |
| IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program. | ||||
| CVE-2016-1906 | 2 Kubernetes, Redhat | 2 Kubernetes, Openshift | 2025-04-12 | N/A |
| Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed. | ||||
| CVE-2013-7366 | 1 Sap | 1 Software Deployment Manager | 2025-04-12 | N/A |
| The SAP Software Deployment Manager (SDM), in certain unspecified conditions, allows remote attackers to cause a denial of service via vectors related to failed authentications. | ||||
| CVE-2016-5700 | 1 F5 | 8 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Application Acceleration Manager and 5 more | 2025-04-12 | N/A |
| Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 11.6.1 before HF1, 12.0.0 before HF4, and 12.1.0 before HF2, when configured with the HTTP Explicit Proxy functionality or SOCKS profile, allow remote attackers to modify the system configuration, read system files, and possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2016-5576 | 1 Oracle | 1 Solaris | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel Zones. | ||||
| CVE-2016-5575 | 1 Oracle | 1 Common Applications | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle Common Applications Calendar component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Resources Module. | ||||
| CVE-2016-5574 | 1 Oracle | 1 Outside In Technology | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.5.1 through 8.5.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters, a different vulnerability than CVE-2016-5558, CVE-2016-5577, CVE-2016-5578, CVE-2016-5579, and CVE-2016-5588. | ||||
| CVE-2016-5571 | 1 Oracle | 1 Applications Dba | 2025-04-12 | N/A |
| Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.1.3 and 12.2.3 through 12.2.6 allows remote administrators to affect confidentiality and integrity via vectors related to AD Utilities, a different vulnerability than CVE-2016-5567. | ||||
| CVE-2016-3105 | 2 Debian, Mercurial | 2 Debian Linux, Mercurial | 2025-04-12 | N/A |
| The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name. | ||||
| CVE-2015-3971 | 1 Janitza | 5 Umg 508, Umg 509, Umg 511 and 2 more | 2025-04-12 | N/A |
| The debug interface on Janitza UMG 508, 509, 511, 604, and 605 devices does not require authentication, which allows remote attackers to read or write to files, or execute arbitrary JASIC code, via a session on TCP port 1239. | ||||