Export limit exceeded: 24994 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24994 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-4104 | 1 Djangoproject | 1 Tastypie | 2025-04-12 | N/A |
| The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method. | ||||
| CVE-2013-1818 | 1 Mediawiki | 1 Mediawiki | 2025-04-12 | N/A |
| maintenance/mwdoc-filter.php in MediaWiki before 1.20.3 allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2013-0740 | 1 Dell | 1 Openmanage Server Administrator | 2025-04-12 | N/A |
| Open redirect vulnerability in Dell OpenManage Server Administrator (OMSA) before 7.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the file parameter to HelpViewer. | ||||
| CVE-2012-5723 | 1 Cisco | 9 Asr 1001, Asr 1002, Asr 1002-x and 6 more | 2025-04-12 | N/A |
| Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948. | ||||
| CVE-2011-4407 | 1 Canonical | 2 Software-properties, Ubuntu Linux | 2025-04-12 | N/A |
| ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle (MITM) attackers to spoof GPG keys for a package repository. | ||||
| CVE-2012-2095 | 2 David Paleino, Fedoraproject | 2 Wicd, Fedora | 2025-04-12 | N/A |
| The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message. | ||||
| CVE-2016-5696 | 4 Google, Linux, Oracle and 1 more | 8 Android, Linux Kernel, Vm Server and 5 more | 2025-04-12 | N/A |
| net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack. | ||||
| CVE-2012-5621 | 1 Ekiga | 1 Ekiga | 2025-04-12 | N/A |
| lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings. | ||||
| CVE-2013-2014 | 2 Fedoraproject, Openstack | 2 Fedora, Keystone | 2025-04-12 | N/A |
| OpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (memory consumption and crash) via multiple long requests. | ||||
| CVE-2013-4197 | 1 Plone | 1 Plone | 2025-04-12 | N/A |
| member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to modify or delete portraits of other users via unspecified vectors. | ||||
| CVE-2014-9358 | 2 Docker, Redhat | 2 Docker, Rhel Extras Other | 2025-04-12 | N/A |
| Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications." | ||||
| CVE-2011-3195 | 1 Gplhost | 1 Domain Technologie Control | 2025-04-12 | N/A |
| shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in mailing list tunable options. | ||||
| CVE-2013-5423 | 1 Ibm | 1 Flex System Manager | 2025-04-12 | N/A |
| IBM Flex System Manager (FSM) 1.1 through 1.3 before 1.3.2.0 allows remote attackers to enumerate user accounts via unspecified vectors. | ||||
| CVE-2016-5743 | 1 Siemens | 5 Simatic Batch, Simatic Openpcs 7, Simatic Pcs 7 and 2 more | 2025-04-12 | N/A |
| Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets. | ||||
| CVE-2014-2567 | 1 Trojita Project | 1 Trojita | 2025-04-12 | N/A |
| The OpenConnectionTask::handleStateHelper function in Imap/Tasks/OpenConnectionTask.cpp in Trojita before 0.4.1 allows man-in-the-middle attackers to trigger use of cleartext for saving a message into a (1) sent or (2) draft folder via a PREAUTH response that prevents later use of the STARTTLS command. | ||||
| CVE-2014-2585 | 1 Owncloud | 1 Owncloud Server | 2025-04-12 | N/A |
| ownCloud before 5.0.15 and 6.x before 6.0.2, when the file_external app is enabled, allows remote authenticated users to mount the local filesystem in the user's ownCloud via the mount configuration. | ||||
| CVE-2014-2597 | 1 Remote-rac | 1 Rac Server | 2025-04-12 | N/A |
| PCNetSoftware RAC Server 4.0.4 and 4.0.5 allows local users to cause a denial of service (disabled keyboard or crash) via a large input buffer to unspecified IOCTL requests in RACDriver.sys, which triggers a buffer over-read. | ||||
| CVE-2014-2599 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x for 64-bit allow local guest administrators to cause a denial of service (CPU consumption) by leveraging access to certain service domains for HVM guests and a large input. | ||||
| CVE-2014-2642 | 1 Hp | 1 System Management Homepage | 2025-04-12 | N/A |
| HP System Management Homepage (SMH) before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | ||||
| CVE-2014-2645 | 1 Hp | 1 Systems Insight Manager | 2025-04-12 | N/A |
| HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to conduct clickjacking attacks via unknown vectors. | ||||