CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2013-2385 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 4.1.0 allows remote authenticated users to affect confidentiality via vect... | N/A | NONE | — | 0 |
| CVE-2012-0461 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunde... | N/A | NONE | — | 0 |
| CVE-2012-0462 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and Se... | N/A | NONE | — | 0 |
| CVE-2012-0463 The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR... | N/A | NONE | — | 0 |
| CVE-2012-0464 Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ES... | N/A | NONE | — | 0 |
| CVE-2013-2362 Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to cause a denial of service via unknown vectors, aka ZDI-CAN-1676. | N/A | NONE | — | 0 |
| CVE-2012-0353 The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 before 8.0(5.25)... | N/A | NONE | — | 0 |
| CVE-2012-0354 The Threat Detection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 through 8.2 b... | N/A | NONE | — | 0 |
| CVE-2012-0355 Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.4 before 8.4(2.11) and 8.5 before 8.5(1.4) allo... | N/A | NONE | — | 0 |
| CVE-2012-0356 Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 through 7.2 before 7.2(5.7), 8.0 before 8.0(5... | N/A | NONE | — | 0 |
| CVE-2012-0358 Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softwa... | N/A | NONE | — | 0 |
| CVE-2012-0398 EMC Documentum eRoom before 7.4.4 does not properly validate session cookies, which allows remote attackers to hijack or replay sessions via unspecified vectors. | N/A | NONE | — | 0 |
| CVE-2012-0404 Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom before 7.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | N/A | NONE | — | 0 |
| CVE-2011-4939 The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin before 2.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by changing a nickn... | N/A | NONE | — | 0 |
| CVE-2012-1178 The msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.2 allows remote servers to cause a denial of service (application crash) via an OIM message t... | N/A | NONE | — | 0 |
| CVE-2012-1165 The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application cras... | N/A | NONE | — | 0 |
| CVE-2012-1481 Unspecified vulnerability in the Textdroid (com.app.android.textdroid) application 2.5.2 for Android has unknown impact and attack vectors. | N/A | NONE | — | 0 |
| CVE-2012-1482 Unspecified vulnerability in the TouchPal Contacts (com.cootek.smartdialer) application 3.3.1 and 4.0.1 for Android has unknown impact and attack vectors. | N/A | NONE | — | 0 |
| CVE-2012-1483 Unspecified vulnerability in the Message Forwarder (com.gmail.zbnetium) application 1.12.20110409.1 for Android has unknown impact and attack vectors. | N/A | NONE | — | 0 |
| CVE-2012-1484 Unspecified vulnerability in the WaliSMS CN (cn.com.wali.walisms) application 2.9.2 and 3.7.0 for Android has unknown impact and attack vectors. | N/A | NONE | — | 0 |
| CVE-2012-1485 Unspecified vulnerability in the NetFront Life Browser (com.access_company.android.nflifebrowser.lite) application 2.2.0 and 2.3.0 for Android has unknown impact and attack vectors. | N/A | NONE | — | 0 |
| CVE-2013-2363 HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2356. | N/A | NONE | — | 0 |
| CVE-2012-0229 The Data Archiver service in GE Intelligent Platforms Proficy Historian 4.5 and earlier allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via ... | N/A | NONE | — | 0 |
| CVE-2012-0230 PRRDS.exe in the Proficy Remote Data Service in GE Intelligent Platforms Proficy Plant Applications 5.0 and earlier allows remote attackers to cause a denial of service (memory corruption) or possibly... | N/A | NONE | — | 0 |
| CVE-2012-0231 PRLicenseMgr.exe in the Proficy Server License Manager in GE Intelligent Platforms Proficy Plant Applications 5.0 and earlier allows remote attackers to cause a denial of service (memory corruption) o... | N/A | NONE | — | 0 |
| CVE-2012-0232 Directory traversal vulnerability in rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6, 3.0, 3.0 SP1, and 3.5 allows remote attackers to ... | N/A | NONE | — | 0 |
| CVE-2012-1508 The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL poin... | N/A | NONE | — | 0 |
| CVE-2012-1509 Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors. | N/A | NONE | — | 0 |
| CVE-2012-1510 Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vect... | N/A | NONE | — | 0 |
| CVE-2012-1511 Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | N/A | NONE | — | 0 |
| CVE-2012-1512 Cross-site scripting (XSS) vulnerability in the internal browser in vSphere Client in VMware vSphere 4.1 before Update 2 and 5.0 before Update 1 allows remote attackers to inject arbitrary web script ... | N/A | NONE | — | 0 |
| CVE-2012-1513 The Web Configuration tool in VMware vCenter Orchestrator (vCO) 4.0 before Update 4, 4.1 before Update 2, and 4.2 before Update 1 places the vCenter Server password in an HTML document, which allows r... | N/A | NONE | — | 0 |
| CVE-2012-1514 Cross-site request forgery (CSRF) vulnerability in VMware vShield Manager (vSM) 1.0.1 before Update 2 and 4.1.0 before Update 2 allows remote attackers to hijack the authentication of arbitrary users. | N/A | NONE | — | 0 |
| CVE-2012-0293 Multiple SQL injection vulnerabilities in Symantec Altiris WISE Package Studio before 8.0MR1 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | N/A | NONE | — | 0 |
| CVE-2012-0326 The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted applicat... | N/A | NONE | — | 0 |
| CVE-2012-1264 Unspecified vulnerability in Gretech GOM Media Player before 2.1.37.5091 allows remote attackers to execute arbitrary code via a crafted AVI file. | N/A | NONE | — | 0 |
| CVE-2012-1774 Unspecified vulnerability in the Open URL feature in Gretech GOM Media Player before 2.1.39.5101 has unknown impact and attack vectors, a different vulnerability than CVE-2007-5779 and CVE-2012-1264. | N/A | NONE | — | 0 |
| CVE-2012-1775 Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream. | N/A | NONE | — | 0 |
| CVE-2012-1776 Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ... | N/A | NONE | — | 0 |
| CVE-2009-5112 wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to obtain the installation path via a crafted request. | N/A | NONE | — | 0 |
| CVE-2009-5113 Cross-site scripting (XSS) vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the DOC parameter. | N/A | NONE | — | 0 |
| CVE-2009-5114 Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the DOC parameter. | N/A | NONE | — | 0 |
| CVE-2013-2386 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 4.1.0 allows remote authenticated users to affect integrity and availabili... | N/A | NONE | — | 0 |
| CVE-2010-5086 Directory traversal vulnerability in wiki/rankings.php in Bitweaver 2.7 and 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the style parameter. | N/A | NONE | — | 0 |
| CVE-2011-5082 Cross-site scripting (XSS) vulnerability in the s2Member Pro plugin before 111220 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s2member_pro_authnet_checkout[cou... | N/A | NONE | — | 0 |
| CVE-2011-5083 Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dotclear 2.3.1 and 2.4.2 allows remote attackers to execute arbitrary code by uploading a file with an executable PHP extension, then... | N/A | NONE | — | 0 |
| CVE-2012-1297 Multiple cross-site request forgery (CSRF) vulnerabilities in main.php in Contao (formerly TYPOlight) 2.11.0 and earlier allow remote attackers to hijack the authentication of administrators for reque... | N/A | NONE | — | 0 |
| CVE-2012-1778 SQL injection vulnerability in artykul_print.php in CreateVision CMS allows remote attackers to execute arbitrary SQL commands via the id parameter. | N/A | NONE | — | 0 |
| CVE-2013-2364 Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | N/A | NONE | — | 0 |
| CVE-2012-1779 Cross-site scripting (XSS) vulnerability in IDevSpot idev-BusinessDirectory 3.0 allows remote attackers to inject arbitrary web script or HTML via the SEARCH parameter to index.php. | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.