Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0054 | 1 Golismero | 1 Golismero | 2012-08-02 | 3.3 LOW | N/A |
| libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used in backtrack and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on GoLismero-controlled files, as demonstrated using Admin/changes.dat. | |||||
| CVE-2008-7292 | 2 Microsoft, Mozilla | 2 Windows, Bugzilla | 2012-08-01 | 2.1 LOW | N/A |
| Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2011-2977. | |||||
| CVE-2008-7293 | 1 Mozilla | 1 Firefox | 2012-08-01 | 5.8 MEDIUM | N/A |
| Mozilla Firefox before 4 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | |||||
| CVE-2008-7294 | 1 Google | 1 Chrome | 2012-08-01 | 5.8 MEDIUM | N/A |
| Google Chrome before 4.0.211.0 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | |||||
| CVE-2008-7296 | 1 Apple | 1 Safari | 2012-08-01 | 5.8 MEDIUM | N/A |
| Apple Safari cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | |||||
| CVE-2008-7297 | 1 Opera | 1 Opera Browser | 2012-08-01 | 5.8 MEDIUM | N/A |
| Opera cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | |||||
| CVE-2008-7298 | 2 Android, Google | 2 Android Browser, Android | 2012-08-01 | 5.8 MEDIUM | N/A |
| The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | |||||
| CVE-2011-0840 | 1 Oracle | 4 Peoplesoft And Jdedwards Product Suite, Peoplesoft Enterprise, Peoplesoft Enterprise Peopletools and 1 more | 2012-08-01 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle PeopleSoft Enterprise PeopleTools 8.49 GA through 8.49.30 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing. | |||||
| CVE-2011-0841 | 1 Sun | 1 Sunos | 2012-08-01 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to TCP/IP. | |||||
| CVE-2011-0843 | 1 Oracle | 1 Siebel Crm | 2012-08-01 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel CRM Core component in Oracle Siebel CRM 7.8.2, 8.0.0, and 8.1.1 allows remote attackers to affect integrity via unknown vectors related to Globalization - Automotive. | |||||
| CVE-2011-0844 | 1 Oracle | 1 Sun Products Suite | 2012-08-01 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication. | |||||
| CVE-2011-0846 | 1 Oracle | 1 Sun Java System Access Manager Policy Agent | 2012-08-01 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Sun Java System Access Manager Policy Agent 2.2 allows remote attackers to affect availability via unknown vectors related to Web Proxy Agent. | |||||
| CVE-2011-0847 | 1 Oracle | 1 Sun Products Suite | 2012-08-01 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Authentication. | |||||
| CVE-2011-0849 | 1 Oracle | 1 Java Dynamic Management Kit | 2012-08-01 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Java Dynamic Management Kit 5.1 allows remote attackers to affect integrity, related to HTML Adaptor. | |||||
| CVE-2011-0850 | 1 Oracle | 1 Peoplesoft Enterprise Customer Relationship Management | 2012-08-01 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in Oracle PeopleSoft Enterprise CRM 8.9 Bundle #41 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Order Capture. | |||||
| CVE-2011-0851 | 1 Oracle | 1 Peoplesoft Enterprise Els | 2012-08-01 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in Oracle PeopleSoft Enterprise ELS 9.0 Bundle #19 and 9.1 Bundle #5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Enterprise Learning Mgmt. | |||||
| CVE-2011-0853 | 1 Oracle | 1 Peoplesoft Enterprise Hrms | 2012-08-01 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bundle #15 and 9.1 Bundle #5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to ePerformance. | |||||
| CVE-2011-0854 | 1 Oracle | 1 Peoplesoft Enterprise Hrms | 2012-08-01 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.1 Bundle #5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to ePerformance. | |||||
| CVE-2011-0855 | 1 Oracle | 1 Industry Applications | 2012-08-01 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the InForm component in Oracle Industry Applications 4.5, 4.6, and 5.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Core. | |||||
| CVE-2011-0856 | 1 Oracle | 1 Peoplesoft Enterprise | 2012-08-01 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.49 GA through 8.49.30, 8.50 GA through 8.50.17, and 8.51 GA through 8.51.07 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||