Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Total 210374 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-3801 1 Cisco 3 Ios, Unified Callmanager, Unified Communications Manager 2022-06-02 7.1 HIGH N/A
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802.
CVE-2008-3800 1 Cisco 3 Ios, Unified Callmanager, Unified Communications Manager 2022-06-02 7.1 HIGH N/A
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802.
CVE-2008-3799 1 Cisco 1 Ios 2022-06-02 7.8 HIGH N/A
Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP messages.
CVE-2008-3798 1 Cisco 1 Ios 2022-06-02 7.8 HIGH N/A
Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session.
CVE-2008-2739 1 Cisco 1 Ios 2022-06-02 7.8 HIGH N/A
The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447.
CVE-2007-0918 1 Cisco 1 Ios 2022-06-02 7.1 HIGH N/A
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.
CVE-2021-42702 1 Inkscape 1 Inkscape 2022-06-02 4.3 MEDIUM 3.3 LOW
Inkscape version 0.91 can access an uninitialized pointer, which may allow an attacker to have access to unauthorized information.
CVE-2021-42700 1 Inkscape 1 Inkscape 2022-06-02 3.5 LOW 3.3 LOW
Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information.
CVE-2022-31245 1 Mailcow 1 Mailcow\ 2022-06-02 9.0 HIGH 8.8 HIGH
mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs.
CVE-2022-29160 1 Nextcloud 1 Nextcloud 2022-06-02 2.1 LOW 3.3 LOW
Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.0, sensitive tokens, images, and user related details exist after deletion of a user account. This could result in misuse of the former account holder's information. Nextcloud Android version 3.19.0 contains a patch for this issue. There are no known workarounds available.
CVE-2022-1413 1 Gitlab 1 Gitlab 2022-06-02 5.0 MEDIUM 7.5 HIGH
Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 causes potentially sensitive integration properties to be disclosed in the web interface
CVE-2022-1416 1 Gitlab 1 Gitlab 2022-06-02 3.5 LOW 5.4 MEDIUM
Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows for rendering of attacker controlled HTML tags and CSS styling
CVE-2022-1423 1 Gitlab 1 Gitlab 2022-06-02 6.5 MEDIUM 8.8 HIGH
Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows a malicious actor with Developer privileges to perform cache poisoning leading to arbitrary code execution in protected branches
CVE-2013-6691 1 Cisco 1 Adaptive Security Appliance Software 2022-06-02 6.8 MEDIUM N/A
The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344.
CVE-2013-5557 1 Cisco 1 Adaptive Security Appliance Software 2022-06-02 6.3 MEDIUM N/A
The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTTP request that triggers a rewrite, aka Bug ID CSCug91577.
CVE-2013-5567 1 Cisco 1 Adaptive Security Appliance Software 2022-06-02 5.4 MEDIUM N/A
Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash) via a packet that triggers multiple matches, aka Bug ID CSCui45606.
CVE-2014-3407 1 Cisco 1 Adaptive Security Appliance Software 2022-06-02 5.0 MEDIUM N/A
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888.
CVE-2014-3399 1 Cisco 1 Adaptive Security Appliance Software 2022-06-02 5.5 MEDIUM N/A
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary RAMFS cache files or inject Lua programs, and consequently cause a denial of service (portal outage or system reload), via crafted HTTP requests, aka Bug ID CSCup54208.
CVE-2014-3264 1 Cisco 1 Adaptive Security Appliance Software 2022-06-02 6.3 MEDIUM N/A
Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier allows remote authenticated users to cause a denial of service (device reload) via crafted attributes in a RADIUS packet, aka Bug ID CSCun69561.
CVE-2014-2151 1 Cisco 1 Adaptive Security Appliance Software 2022-06-02 4.0 MEDIUM N/A
The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) and earlier allows remote authenticated users to obtain sensitive information via a crafted JavaScript file, aka Bug ID CSCui04520.