Export limit exceeded: 363429 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363429 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 26247 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (26247 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-0677 | 1 Cisco | 1 Nx-os | 2025-04-11 | N/A |
| The Label Distribution Protocol (LDP) functionality in Cisco NX-OS allows remote attackers to cause a denial of service (temporary LDP session outage) via LDP discovery traffic containing malformed Hello messages, aka Bug ID CSCul88851. | ||||
| CVE-2012-3371 | 1 Openstack | 3 Compute, Essex, Folsom | 2025-04-11 | N/A |
| The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service (excessive database lookup calls and server hang) via a request with many repeated IDs in the os:scheduler_hints section. | ||||
| CVE-2013-0939 | 1 Emc | 4 Documentum Records Manager, Documentum Taskspace, Documentum Wdk and 1 more | 2025-04-11 | N/A |
| EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting" issue. | ||||
| CVE-2009-4511 | 1 Vsecurity | 1 Tandberg Video Communication Server | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities in the web administration interface on the TANDBERG Video Communication Server (VCS) before X5.1 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to (1) helppage.php or (2) user/helppage.php. | ||||
| CVE-2011-3363 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-11 | 6.5 Medium |
| The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service (system crash) by placing a referral at the root of a share. | ||||
| CVE-2013-0943 | 1 Emc | 1 Networker | 2025-04-11 | N/A |
| EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration information by leveraging operating-system privileges to perform decryption with nsradmin. | ||||
| CVE-2011-3365 | 2 Kde, Redhat | 2 Kde Sc, Enterprise Linux | 2025-04-11 | N/A |
| The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text. | ||||
| CVE-2013-0944 | 1 Emc | 1 Avamar | 2025-04-11 | N/A |
| The web-based file-restore interface in EMC Avamar Server before 6.1.0 allows remote authenticated users to read arbitrary files via a crafted URL. | ||||
| CVE-2011-3366 | 1 Adjam | 1 Rekonq | 2025-04-11 | N/A |
| Rekonq 0.7.0 and earlier does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text. | ||||
| CVE-2013-0945 | 1 Emc | 1 Avamar | 2025-04-11 | N/A |
| EMC Avamar Client before 6.1.101-89 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | ||||
| CVE-2011-3367 | 1 Arora-browser | 1 Arora | 2025-04-11 | N/A |
| Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text. | ||||
| CVE-2012-3430 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-11 | N/A |
| The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket. | ||||
| CVE-2012-3436 | 1 Openttd | 1 Openttd | 2025-04-11 | N/A |
| OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast aspect of tiles which also have railtracks on one half." | ||||
| CVE-2012-3497 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| (1) TMEMC_SAVE_GET_CLIENT_WEIGHT, (2) TMEMC_SAVE_GET_CLIENT_CAP, (3) TMEMC_SAVE_GET_CLIENT_FLAGS and (4) TMEMC_SAVE_END in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (NULL pointer dereference or memory corruption and host crash) or possibly have other unspecified impacts via a NULL client id. | ||||
| CVE-2009-4854 | 1 Scripts.oldguy | 1 Talkback | 2025-04-11 | N/A |
| addons/import.php in TalkBack 2.3.14 allows remote attackers to execute arbitrary commands via the result parameter. | ||||
| CVE-2012-3525 | 3 Jabber2, Jabberd2, Redhat | 4 Jabberd2, Jabberd2, Network Proxy and 1 more | 2025-04-11 | N/A |
| s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response. | ||||
| CVE-2012-3581 | 1 Symantec | 1 Messaging Gateway | 2025-04-11 | N/A |
| Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vectors. | ||||
| CVE-2009-5033 | 1 Ibm | 1 Lotus Notes Traveler | 2025-04-11 | N/A |
| IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle a "* *" argument sequence for a certain tell command, which allows remote authenticated users to obtain access to other users' data via a sync operation, related to storage of the data of multiple users within the same thread. | ||||
| CVE-2013-5470 | 1 Cisco | 1 Secure Access Control System | 2025-04-11 | N/A |
| Cisco Secure Access Control System (ACS) does not properly handle requests to read from the TACACS+ socket, which allows remote attackers to cause a denial of service (process crash) via malformed TCP packets, aka Bug ID CSCuh12488. | ||||
| CVE-2009-5035 | 1 Ibm | 1 Lotus Notes Traveler | 2025-04-11 | N/A |
| The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle multiple outgoing e-mail messages between sync operations, which might allow remote attackers to read communications intended for other recipients by examining appended messages. | ||||