Export limit exceeded: 342089 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (5484 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-0185 | 1 Microsoft | 3 Excel, Excel Viewer, Office Compatibility Pack | 2025-04-11 | N/A |
| Heap-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 Gold and SP1, Excel Viewer, and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet that triggers incorrect handling of memory during opening, aka "Excel MergeCells Record Heap Overflow Vulnerability." | ||||
| CVE-2012-0191 | 1 Ibm | 1 Lotus Expeditor | 2025-04-11 | N/A |
| The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack does not properly perform access control for requests, which allows remote attackers to spoof a localhost request origin via crafted headers. | ||||
| CVE-2012-0205 | 1 Ibm | 2 Infosphere Information Server, Infosphere Metadata Workbench | 2025-04-11 | N/A |
| InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly restrict use of the troubleshooting feature, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (workbench outage) via unspecified vectors. | ||||
| CVE-2012-0215 | 1 Tryton | 1 Trytond | 2025-04-11 | N/A |
| model/modelstorage.py in the Tryton application framework (trytond) before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a (1) create, (2) write, (3) delete, or (4) copy rpc call. | ||||
| CVE-2012-0585 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass intended privacy settings and insert history entries via JavaScript code that calls the (1) pushState or (2) replaceState method. | ||||
| CVE-2012-0643 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| The kernel in Apple iOS before 5.1 does not properly handle debug system calls, which allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a crafted program. | ||||
| CVE-2012-0645 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary recipient. | ||||
| CVE-2012-0657 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-11 | N/A |
| Quartz Composer in Apple Mac OS X before 10.7.4, when the RSS Visualizer screensaver is enabled, allows physically proximate attackers to bypass screen locking and launch a Safari process via unspecified vectors. | ||||
| CVE-2012-0679 | 1 Apple | 1 Safari | 2025-04-11 | N/A |
| Apple Safari before 6.0 allows remote attackers to read arbitrary files via a feed:// URL. | ||||
| CVE-2012-0680 | 1 Apple | 1 Safari | 2025-04-11 | N/A |
| Apple Safari before 6.0 does not properly handle the autocomplete attribute of a password input element, which allows remote attackers to bypass authentication by leveraging an unattended workstation. | ||||
| CVE-2012-0691 | 1 Broadcom | 1 License Software | 2025-04-11 | N/A |
| CA License (aka CA Licensing) before 1.90.03 does not properly restrict system commands, which allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2012-0692 | 1 Broadcom | 1 License Software | 2025-04-11 | N/A |
| CA License (aka CA Licensing) before 1.90.03 allows local users to modify or create arbitrary files, and consequently gain privileges, via unspecified vectors. | ||||
| CVE-2012-0701 | 1 Ibm | 2 Infosphere Datastage, Infosphere Information Server | 2025-04-11 | N/A |
| The client applications in the DataStage Administrator client in InfoSphere DataStage in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 rely on client-side access control, which allows remote authenticated users to gain privileges via unspecified vectors. | ||||
| CVE-2012-0706 | 1 Ibm | 1 Scale Out Network Attached Storage | 2025-04-11 | N/A |
| IBM Scale Out Network Attached Storage (SONAS) 1.3 before 1.3.2.3 requires cleartext storage of LDAP credentials without recommending a less privileged LDAP account, which might allow attackers to obtain sensitive server information by leveraging root access to a client machine. | ||||
| CVE-2012-0733 | 1 Ibm | 1 Rational Appscan | 2025-04-11 | N/A |
| IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1, when Integrated Windows authentication is used, allows remote authenticated users to obtain administrative privileges by hijacking a session associated with the service account. | ||||
| CVE-2012-0745 | 1 Ibm | 2 Aix, Vios | 2025-04-11 | N/A |
| The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2012-0776 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-11 | N/A |
| The installer in Adobe Reader 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. | ||||
| CVE-2012-0793 | 1 Moodle | 1 Moodle | 2025-04-11 | N/A |
| Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote attackers to view the profile images of arbitrary user accounts via unspecified vectors. | ||||
| CVE-2012-0798 | 1 Moodle | 1 Moodle | 2025-04-11 | N/A |
| The self-enrolment functionality in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 allows remote authenticated users to obtain the manager role by leveraging the teacher role. | ||||
| CVE-2012-0827 | 1 Drupal | 1 Drupal | 2025-04-11 | N/A |
| The File module in Drupal 7.x before 7.11, when using unspecified field access modules, allows remote authenticated users to read arbitrary private files that are associated with restricted fields via unspecified vectors. | ||||