Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-5197 | 1 Public Knowledge Project | 1 Open Harvester Systems | 2016-09-19 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Harvester Systems 2.3.1 and earlier allows remote attackers to hijack the authentication of administrators for requests that upload PHP files. | |||||
| CVE-2014-5332 | 1 Linux | 1 Linux Kernel | 2016-09-19 | 6.9 MEDIUM | N/A |
| Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by using a race condition to escape the Chrome sandbox. | |||||
| CVE-2011-5195 | 1 Public Knowledge Project | 1 Open Conference Systems | 2016-09-19 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Conference Systems 2.3.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that upload a PHP file. | |||||
| CVE-2000-0322 | 1 Redhat | 1 Linux | 2016-09-16 | 10.0 HIGH | N/A |
| The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2001-1095 | 1 Ibm | 1 Aix | 2016-09-16 | 4.6 MEDIUM | N/A |
| Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r parameter. | |||||
| CVE-2002-0473 | 1 Phpbb Group | 1 Phpbb | 2016-09-16 | 10.0 HIGH | N/A |
| db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter. | |||||
| CVE-2002-1054 | 1 Pablo Software Solutions | 1 Pablo Ftp Server | 2016-09-16 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command. | |||||
| CVE-2013-5486 | 1 Cisco | 1 Prime Data Center Network Manager | 2016-09-16 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to write arbitrary files via the chartid parameter, aka Bug IDs CSCue77035 and CSCue77036. NOTE: this can be leveraged to execute arbitrary commands by using the JBoss autodeploy functionality. | |||||
| CVE-2013-6710 | 1 Cisco | 1 Webex Training Center | 2016-09-16 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Training Center allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCul25567. | |||||
| CVE-2013-6711 | 1 Cisco | 1 Webex Sales Center | 2016-09-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the product-creation administrative page in Cisco WebEx Sales Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul25540. | |||||
| CVE-2013-3448 | 1 Cisco | 1 Webex Meetings Server | 2016-09-16 | 4.0 MEDIUM | N/A |
| Cisco WebEx Meetings Server does not check whether a user account is active, which allows remote authenticated users to bypass intended access restrictions by performing meeting operations after account deactivation, aka Bug ID CSCuh33315. | |||||
| CVE-2013-3437 | 1 Cisco | 1 Unified Operations Manager | 2016-09-16 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179. | |||||
| CVE-2013-3438 | 1 Cisco | 1 Unified Meetingplace Web Conferencing | 2016-09-16 | 5.0 MEDIUM | N/A |
| The web framework in the server in Cisco Unified MeetingPlace Web Conferencing allows remote attackers to bypass intended access restrictions and read unspecified web pages via crafted parameters, aka Bug ID CSCuh86385. | |||||
| CVE-2013-3435 | 1 Cisco | 2 Unified Ip Conference Station 7937g, Unified Ip Conference Station 7937g Firmware | 2016-09-16 | 5.0 MEDIUM | N/A |
| The Cisco Unified IP Conference Station 7937G allows remote attackers to cause a denial of service (networking outage) via a flood of TCP packets, aka Bug ID CSCuh42052. | |||||
| CVE-2013-6981 | 1 Cisco | 1 Ios Xe | 2016-09-15 | 5.4 MEDIUM | N/A |
| Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to cause a denial of service (Packet Processor crash) via fragmented MPLS IP packets, aka Bug ID CSCul00709. | |||||
| CVE-2013-6976 | 1 Cisco | 1 Epc3925 | 2016-09-15 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup on Cisco EPC3925 devices allows remote attackers to hijack the authentication of administrators for requests that change a password via the Password and PasswordReEnter parameters, aka Bug ID CSCuh37496. | |||||
| CVE-2013-6704 | 1 Cisco | 1 Ios Xe | 2016-09-15 | 7.1 HIGH | N/A |
| Cisco IOS XE does not properly manage memory for TFTP UDP flows, which allows remote attackers to cause a denial of service (memory consumption) via TFTP (1) client or (2) server traffic, aka Bug IDs CSCuh09324 and CSCty42686. | |||||
| CVE-2013-6705 | 1 Cisco | 2 Ios, Ios Xe | 2016-09-15 | 6.1 MEDIUM | N/A |
| The IP Device Tracking (IPDT) feature in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (IPDT AVL corruption and device reload) via a crafted sequence of ARP packets, aka Bug ID CSCuh38133. | |||||
| CVE-2013-6709 | 1 Cisco | 1 Webex Training Center | 2016-09-15 | 5.0 MEDIUM | N/A |
| The registration component in Cisco WebEx Training Center provides the training-session URL before payment is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul57111. | |||||
| CVE-2013-6701 | 1 Cisco | 8 Cisco Ons 15454 System Software, Ons 15454, Ons 15454 Mspp and 5 more | 2016-09-15 | 5.0 MEDIUM | N/A |
| The tNetTaskLimit process on the Transport Node Controller (TNC) on Cisco ONS 15454 devices with software 9.6 and earlier does not properly prioritize health pings, which allows remote attackers to cause a denial of service (watchdog timeout and TNC reset) via a flood of network traffic, aka Bug ID CSCud97155. | |||||