Total
13203 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-4924 | 1 Wireshark | 1 Wireshark | 2025-04-11 | N/A |
| epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly validate certain index values, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet. | ||||
| CVE-2012-5787 | 1 Paypal | 1 Merchant Sdk | 2025-04-11 | N/A |
| The PayPal merchant SDK does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | ||||
| CVE-2013-5527 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-11 | N/A |
| The OSPF functionality in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted options in an LSA type 11 packet, aka Bug ID CSCui21030. | ||||
| CVE-2013-5476 | 1 Cisco | 1 Ios | 2025-04-11 | N/A |
| The Zone-Based Firewall (ZFW) feature in Cisco IOS 15.1 through 15.2, when content filtering or HTTP ALG inspection is enabled, allows remote attackers to cause a denial of service (device reload or hang) via crafted IPv4 HTTP traffic, aka Bug ID CSCtx56174. | ||||
| CVE-2013-5496 | 1 Cisco | 1 Nx-os | 2025-04-11 | N/A |
| Open Network Environment Platform (ONEP) in Cisco NX-OS allows remote authenticated users to cause a denial of service (network-element reload) via a crafted packet, aka Bug ID CSCui51551. | ||||
| CVE-2013-5547 | 1 Cisco | 7 Asr 1001, Asr 1002, Asr 1002-x and 4 more | 2025-04-11 | N/A |
| Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending malformed EoGRE packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuf08269. | ||||
| CVE-2012-5782 | 1 Amazon | 1 Flexible Payments Service | 2025-04-11 | N/A |
| Amazon Flexible Payments Service (FPS) PHP Library does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to misinterpretation of a certain "true" value. | ||||
| CVE-2012-1865 | 1 Microsoft | 6 Windows 2003 Server, Windows 7, Windows Server 2003 and 3 more | 2025-04-11 | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to gain privileges via a crafted application, aka "String Atom Class Name Handling Vulnerability," a different vulnerability than CVE-2012-1864. | ||||
| CVE-2013-6011 | 1 Citrix | 2 Netscaler Application Delivery Controller, Netscaler Application Delivery Controller Firmware | 2025-04-11 | N/A |
| Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request. | ||||
| CVE-2012-5647 | 1 Redhat | 2 Openshift, Openshift Origin | 2025-04-11 | N/A |
| Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the PATH_INFO. | ||||
| CVE-2013-6702 | 1 Cisco | 2 Ons 15454, Ons 15454 Firmware | 2025-04-11 | N/A |
| The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902. | ||||
| CVE-2013-6966 | 1 Cisco | 1 Webex Training Center | 2025-04-11 | N/A |
| Open redirect vulnerability in Cisco WebEx Training Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul36031. | ||||
| CVE-2013-6969 | 1 Cisco | 1 Webex Training Center | 2025-04-11 | N/A |
| The training-registration page in Cisco WebEx Training Center allows remote attackers to modify unspecified fields via unknown vectors, aka Bug ID CSCul35990. | ||||
| CVE-2013-7079 | 1 Typo3 | 1 Typo3 | 2025-04-11 | N/A |
| Open redirect vulnerability in the OpenID extension in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2013-7267 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. | ||||
| CVE-2013-7271 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| The x25_recvmsg function in net/x25/af_x25.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. | ||||
| CVE-2014-0660 | 1 Cisco | 1 Telepresence Isdn Gateway Software | 2025-04-11 | N/A |
| Cisco TelePresence ISDN Gateway with software before 2.2(1.92) allows remote attackers to cause a denial of service (D-channel call outage) via a crafted Q.931 STATUS message, aka Bug ID CSCui50360. | ||||
| CVE-2014-0656 | 1 Cisco | 1 Context Directory Agent | 2025-04-11 | N/A |
| Cisco Context Directory Agent (CDA) allows remote authenticated users to trigger the omission of certain user-interface data via crafted field values, aka Bug ID CSCuj45353. | ||||
| CVE-2011-3964 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 17.0.963.46 does not properly implement the drag-and-drop feature, which makes it easier for remote attackers to spoof the URL bar via unspecified vectors. | ||||
| CVE-2010-3236 | 1 Microsoft | 3 Excel, Office, Open Xml File Format Converter | 2025-04-11 | N/A |
| Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out Of Bounds Array Vulnerability." | ||||