Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-3021 | 1 Ge | 1 Intelligent Platforms Proficy Real-time Information Portal | 2013-04-12 | 10.0 HIGH | N/A |
| rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code via long input data, a different vulnerability than CVE-2012-3010 and CVE-2012-3026. | |||||
| CVE-2012-3026 | 1 Ge | 1 Intelligent Platforms Proficy Real-time Information Portal | 2013-04-12 | 10.0 HIGH | N/A |
| rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code via long input data, a different vulnerability than CVE-2012-3010 and CVE-2012-3021. | |||||
| CVE-2012-2995 | 1 Trendmicro | 1 Interscan Messaging Security Suite | 2013-04-12 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allow remote attackers to inject arbitrary web script or HTML via (1) the wrsApprovedURL parameter to addRuleAttrWrsApproveUrl.imss or (2) the src parameter to initUpdSchPage.imss. | |||||
| CVE-2012-2996 | 1 Trendmicro | 1 Interscan Messaging Security Suite | 2013-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in saveAccountSubTab.imss in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allows remote attackers to hijack the authentication of administrators for requests that create admin accounts via a saveAuth action. | |||||
| CVE-2013-1151 | 1 Cisco | 1 Adaptive Security Appliance Software | 2013-04-11 | 7.1 HIGH | N/A |
| Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5), 8.5 before 8.5(1.17), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3) allow remote attackers to cause a denial of service (device reload) via a crafted certificate, aka Bug ID CSCuc72408. | |||||
| CVE-2013-1172 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2013-04-11 | 6.6 MEDIUM | N/A |
| The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14153. | |||||
| CVE-2013-1173 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2013-04-11 | 6.6 MEDIUM | N/A |
| Heap-based buffer overflow in ciscod.exe in the Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14143. | |||||
| CVE-2013-1189 | 1 Cisco | 1 Ubr10012 | 2013-04-11 | 5.7 MEDIUM | N/A |
| Cisco Universal Broadband (aka uBR) 10000 series routers, when an IPv4/IPv6 dual-stack modem is used, allow remote attackers to cause a denial of service (routing-engine reload) via unspecified changes to IP address assignments, aka Bug ID CSCue15313. | |||||
| CVE-2012-6120 | 1 Redhat | 2 Openstack Essex, Openstack Folsom | 2013-04-10 | 2.1 LOW | N/A |
| Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files. | |||||
| CVE-2013-0927 | 1 Google | 1 Chrome Os | 2013-04-10 | 7.5 HIGH | N/A |
| Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation that loads the contents of the .pangorc file in the user's home directory, and the file referenced by the PANGO_RC_FILE environment variable, which allows attackers to bypass intended access restrictions via crafted configuration data. | |||||
| CVE-2013-0886 | 2 Apple, Google | 2 Mac Os X, Chrome | 2013-04-10 | 7.5 HIGH | N/A |
| Google Chrome before 25.0.1364.99 on Mac OS X does not properly implement signal handling for Native Client (aka NaCl) code, which has unspecified impact and attack vectors. | |||||
| CVE-2013-2503 | 1 Privoxy | 1 Privoxy | 2013-04-10 | 5.8 MEDIUM | N/A |
| Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code. | |||||
| CVE-2012-5638 | 1 Ovirt | 1 Sanlock | 2013-04-10 | 3.6 LOW | N/A |
| The setup_logging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restrictions via standard filesystem write operations. | |||||
| CVE-2012-4596 | 1 Mcafee | 1 Email Gateway | 2013-04-10 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 allows remote authenticated users to bypass intended access restrictions and download arbitrary files via a crafted URL. | |||||
| CVE-2012-4618 | 1 Cisco | 1 Ios | 2013-04-10 | 7.8 HIGH | N/A |
| The SIP ALG feature in the NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtn76183. | |||||
| CVE-2012-4619 | 1 Cisco | 1 Ios | 2013-04-10 | 7.8 HIGH | N/A |
| The NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtr46123. | |||||
| CVE-2012-5048 | 1 Optimalog | 1 Optima Plc | 2013-04-10 | 7.8 HIGH | N/A |
| APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted packet. | |||||
| CVE-2012-5049 | 1 Optimalog | 1 Optima Plc | 2013-04-10 | 7.8 HIGH | N/A |
| APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | |||||
| CVE-2012-5173 | 1 Bigace | 1 Bigace | 2013-04-10 | 6.8 MEDIUM | N/A |
| Session fixation vulnerability in BIGACE before 2.7.8 allows remote attackers to hijack web sessions via unspecified vectors. | |||||
| CVE-2012-5453 | 1 Atutor | 1 Acontent | 2013-04-10 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in user/index_inline_editor_submit.php in ATutor AContent 1.2-1 allows remote authenticated users to execute arbitrary SQL commands via the field parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-5167. | |||||