Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-4690 | 1 Opera | 1 Opera Browser | 2012-03-05 | 5.0 MEDIUM | N/A |
| Opera 11.60 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code. | |||||
| CVE-2011-2653 | 1 Novell | 1 Zenworks Asset Management | 2012-03-04 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file. | |||||
| CVE-2011-3179 | 1 Novell | 2 Groupwise Messenger, Messenger | 2012-03-04 | 5.0 MEDIUM | N/A |
| The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and Novell GroupWise Messenger 2.04 and earlier, allows remote attackers to read from arbitrary memory locations via a crafted command. | |||||
| CVE-2011-4054 | 1 Ca | 1 Siteminder | 2012-03-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in login.fcc in CA SiteMinder R6 SP6 before CR7 and R12 SP3 before CR8 allows remote attackers to inject arbitrary web script or HTML via the postpreservationdata parameter. | |||||
| CVE-2011-4264 | 1 Etomite | 1 Etomite | 2012-03-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Etomite before 1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-4265 | 1 Phpwebsite | 1 Phpwebsite | 2012-03-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpWebSite before 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2011-4487 | 1 Cisco | 7 Business Edition 3000, Business Edition 3000 Software, Business Edition 5000 and 4 more | 2012-03-04 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allows remote attackers to execute arbitrary SQL commands via a crafted SCCP registration, aka Bug ID CSCtu73538. | |||||
| CVE-2011-4803 | 2 Bravenewcode, Wordpress | 2 Wptouch, Wordpress | 2012-03-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2012-0321 | 1 Kingsoft | 1 Internet Security | 2012-03-04 | 2.1 LOW | N/A |
| Unspecified vulnerability in the device driver in Kingsoft Internet Security 2011 allows local users to cause a denial of service via a crafted application. | |||||
| CVE-2011-3443 | 1 Apple | 1 Safari | 2012-03-01 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors related to improper list management for Cascading Style Sheets (CSS) @font-face rules. | |||||
| CVE-2011-4486 | 1 Cisco | 7 Business Edition 3000, Business Edition 3000 Software, Business Edition 5000 and 4 more | 2012-02-29 | 7.8 HIGH | N/A |
| Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allow remote attackers to cause a denial of service (device reload) via a crafted SCCP registration, aka Bug ID CSCtu73538. | |||||
| CVE-2012-0330 | 1 Cisco | 2 Telepresence System Software, Telepresence Video Communication Server | 2012-02-29 | 7.8 HIGH | N/A |
| Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a malformed SIP message, aka Bug ID CSCtr20426. | |||||
| CVE-2012-0331 | 1 Cisco | 2 Telepresence System Software, Telepresence Video Communication Server | 2012-02-29 | 7.5 HIGH | N/A |
| Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP packet, as demonstrated by a SIP INVITE message from a Tandberg device, aka Bug ID CSCtq73319. | |||||
| CVE-2012-0366 | 1 Cisco | 1 Unity Connection | 2012-02-29 | 9.0 HIGH | N/A |
| Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141. | |||||
| CVE-2012-0367 | 1 Cisco | 1 Unity Connection | 2012-02-29 | 7.8 HIGH | N/A |
| Cisco Unity Connection before 7.1.5b(Su5), 8.0 and 8.5 before 8.5.1(Su3), and 8.6 before 8.6.2 allows remote attackers to cause a denial of service (services crash) via a series of crafted TCP segments, aka Bug ID CSCtq67899. | |||||
| CVE-2006-7248 | 2012-02-29 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7250, CVE-2012-1410. Reason: this candidate was intended for one issue, but CVE users may have associated it with multiple unrelated issues. Notes: All CVE users should consult CVE-2006-7250 for the OpenSSL candidate or CVE-2012-1410 for the Kadu candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2006-7249 | 2012-02-29 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7250, CVE-2012-1410. Reason: this candidate was intended for one issue, but CVE users may have associated it with multiple unrelated issues. Notes: All CVE users should consult CVE-2006-7250 for the OpenSSL candidate or CVE-2012-1410 for the Kadu candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2012-1091 | 2012-02-29 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-1410. Reason: This candidate is a reservation duplicate of CVE-2012-1410. Notes: All CVE users should reference CVE-2012-1410 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2012-1092 | 2012-02-29 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-1410. Reason: This candidate is a reservation duplicate of CVE-2012-1410. Notes: All CVE users should reference CVE-2012-1410 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2012-1410 | 1 Kadu | 1 Kadu | 2012-02-29 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the History Window implementation in Kadu 0.9.0 through 0.11.0 allow remote attackers to inject arbitrary web script or HTML via a crafted (1) SMS message, (2) presence message, or (3) status description. | |||||