Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4363 | 4 Adobe, Apple, Linux and 1 more | 4 Acrobat Reader, Mac Os X, Linux Kernel and 1 more | 2017-08-28 | 9.3 HIGH | N/A |
| Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, related to "sixteen more crashes affecting Windows, OS X, or both systems." | |||||
| CVE-2012-3802 | 2 Drupal, Peter Pokrivcak | 2 Drupal, Post Affiliate Pro | 2017-08-28 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Post Affiliate Pro (PAP) module for Drupal allows remote authenticated users to read the commissions of other users via unknown attack vectors. | |||||
| CVE-2012-4830 | 1 Ibm | 1 Websphere Commerce | 2017-08-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 through 7.0.0.6 allows remote attackers to obtain users' personal data via unknown vectors. | |||||
| CVE-2012-4859 | 1 Ibm | 1 Tivoli Storage Manager For Space Management | 2017-08-28 | 7.2 HIGH | N/A |
| Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows local users to read or modify file system objects via unknown vectors. | |||||
| CVE-2012-5937 | 1 Ibm | 4 Gentran Integration Suite, Sterling B2b Integrator, Sterling File Gateway and 1 more | 2017-08-28 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and Sterling B2B Integrator 5.2, as used in IBM Sterling File Gateway 1.1 through 2.2 and other products, allows remote attackers to execute arbitrary commands via unknown vectors. | |||||
| CVE-2012-5895 | 1 Irods | 1 Irods | 2017-08-28 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in iRODS before 3.1 have unknown impact and attack vectors. | |||||
| CVE-2012-5859 | 1 Samsung | 1 Kies Air | 2017-08-28 | 5.0 MEDIUM | N/A |
| Samsung Kies Air 2.1.207051 and 2.1.210161 allows remote attackers to cause a denial of service (crash) via a crafted request to www/apps/KiesAir/jws/ssd.php. | |||||
| CVE-2012-5767 | 1 Ibm | 2 Ts3500 Tape Library, Ts3500 Tape Library Firmware | 2017-08-28 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the web interface on the IBM TS3500 Tape Library with firmware before C260 allows remote authenticated users to gain privileges via unspecified vectors. | |||||
| CVE-2012-5515 | 1 Xen | 1 Xen | 2017-08-28 | 4.7 MEDIUM | N/A |
| The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value. | |||||
| CVE-2012-5827 | 1 Joomla | 1 Joomla\! | 2017-08-28 | 4.3 MEDIUM | N/A |
| Joomla! 2.5.x before 2.5.8 and 3.0.x before 3.0.2 allows remote attackers to conduct clickjacking attacks via unspecified vectors involving "Inadequate protection." | |||||
| CVE-2012-5860 | 1 Oberthur | 1 Id-one Cosmo | 2017-08-28 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 smart cards makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the generation of non-compliant public keys. | |||||
| CVE-2012-3224 | 1 Oracle | 1 Financial Services Software | 2017-08-28 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.1.0, 5.2.0, and 5.3.0 through 5.3.4 allows remote authenticated users to affect confidentiality, related to BASE. | |||||
| CVE-2012-3267 | 1 Hp | 1 Network Node Manager I | 2017-08-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.20 allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2012-1741 | 1 Oracle | 1 Fusion Middleware | 2017-08-28 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager for Fusion Middleware component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality and integrity via unknown vectors related to User Administration Pages. | |||||
| CVE-2012-3271 | 1 Hp | 2 Integrated Lights-out 3 Firmware, Integrated Lights-out 4 Firmware | 2017-08-28 | 9.3 HIGH | N/A |
| Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.50 and Integrated Lights-Out 4 (aka iLO4) with firmware before 1.13 allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2012-1742 | 1 Oracle | 1 Siebel Crm | 2017-08-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect availability via unknown vectors related to UI Framework, a different vulnerability than CVE-2012-1760. | |||||
| CVE-2012-2048 | 1 Adobe | 1 Coldfusion | 2017-08-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2012-3227 | 1 Oracle | 1 Financial Services Software | 2017-08-28 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, and 11.0.0 through 11.2.0 allows remote authenticated users to affect integrity, related to BASE, a different vulnerability than CVE-2012-3141. | |||||
| CVE-2012-3153 | 1 Oracle | 1 Fusion Middleware | 2017-08-28 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Servlet. NOTE: the previous information is from the October 2012 CPU. Oracle has not commented on claims from the original researcher that the PARSEQUERY function allows remote attackers to obtain database credentials via reports/rwservlet/parsequery, and that this issue occurs in earlier versions. NOTE: this can be leveraged with CVE-2012-3152 to execute arbitrary code by uploading a .jsp file. | |||||
| CVE-2012-3228 | 1 Oracle | 1 Financial Services Software | 2017-08-28 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.0.5, 5.1.0, 5.2.0, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affect integrity and availability, related to BASE. | |||||