Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3531 | 1 Oracle | 1 Fusion Middleware | 2012-02-06 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect availability via unknown vectors related to Web Services Security. | |||||
| CVE-2011-3569 | 1 Oracle | 1 Fusion Middleware | 2012-02-06 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect confidentiality via unknown vectors related to Web Services Security. | |||||
| CVE-2011-3574 | 1 Oracle | 1 Communications Unified | 2012-02-06 | 3.3 LOW | N/A |
| Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confidentiality and integrity via unknown vectors related to Calendar Server. | |||||
| CVE-2011-3573 | 1 Oracle | 1 Communications Unified | 2012-02-06 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Communications Unified 7.0 allows remote authenticated users to affect availability via unknown vectors related to Calendar Server. | |||||
| CVE-2011-4513 | 1 Siemens | 5 Simatic Hmi Panels, Wincc, Wincc Flexible and 2 more | 2012-02-05 | 10.0 HIGH | N/A |
| Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the HMI web server and runtime loader. | |||||
| CVE-2011-3462 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-02-02 | 5.0 MEDIUM | N/A |
| Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a different vulnerability than CVE-2010-1803. | |||||
| CVE-2011-3446 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-02-02 | 7.5 HIGH | N/A |
| Apple Type Services (ATS) in Apple Mac OS X before 10.7.3 does not properly manage memory for data-font files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font that is accessed by Font Book. | |||||
| CVE-2011-5075 | 1 Sitracker | 1 Support Incident Tracker | 2012-02-01 | 5.0 MEDIUM | N/A |
| translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to obtain sensitive information via a direct request using the save action, which reveals the installation path. | |||||
| CVE-2007-5635 | 1 Sitracker | 1 Support Incident Tracker | 2012-02-01 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Salford Software Support Incident Tracker (SiT!) before 3.30 have unknown impact and attack vectors. | |||||
| CVE-2011-4165 | 1 Hp | 1 Database Archiving Software | 2012-02-01 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1263. | |||||
| CVE-2011-4164 | 1 Hp | 1 Database Archiving Software | 2012-02-01 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1214. | |||||
| CVE-2011-4163 | 1 Hp | 1 Database Archiving Software | 2012-02-01 | 10.0 HIGH | N/A |
| Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1213. | |||||
| CVE-2011-4899 | 1 Wordpress | 1 Wordpress | 2012-01-31 | 7.5 HIGH | N/A |
| ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static code injection and cross-site scripting (XSS) attacks via (1) an HTTP request or (2) a MySQL query. NOTE: the vendor disputes the significance of this issue; however, remote code execution makes the issue important in many realistic environments. | |||||
| CVE-2012-0937 | 1 Wordpress | 1 Wordpress | 2012-01-30 | 5.0 MEDIUM | N/A |
| ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost parameter, a different vulnerability than CVE-2011-4898. NOTE: the vendor disputes the significance of this issue because an incomplete WordPress installation might be present on the network for only a short time. | |||||
| CVE-2012-0885 | 1 Asterisk | 1 Open Source | 2012-01-26 | 4.3 MEDIUM | N/A |
| chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple. | |||||
| CVE-2011-4873 | 1 Atvise | 1 Atvise | 2012-01-20 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the server in Certec EDV atvise before 2.1 allows remote attackers to cause a denial of service (daemon crash) via crafted requests to TCP port 4840. | |||||
| CVE-2011-3568 | 1 Oracle | 1 Fusion Middleware | 2012-01-19 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Web Services Security. | |||||
| CVE-2011-3564 | 1 Oracle | 1 Sun Glassfish Enterprise Server | 2012-01-19 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle GlassFish Enterprise Server 2.1.1 allows local users to affect confidentiality via unknown vectors related to Administration. | |||||
| CVE-2011-2271 | 1 Oracle | 1 E-business Suite | 2012-01-18 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote authenticated users to affect integrity via unknown vectors related to Attachments / File Upload. | |||||
| CVE-2011-3566 | 1 Oracle | 1 Fusion Middleware | 2012-01-18 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4, 10.0.2, 10.3.3, 10.3.4, and 10.3.5 allows remote attackers to affect availability via unknown vectors related to Web Container. | |||||