Export limit exceeded: 24994 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24994 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-0844 | 2 Debian, Netsurf-browser | 2 Debian Linux, Netsurf | 2024-11-21 | 5.5 Medium |
| Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar. | ||||
| CVE-2012-0843 | 2 Debian, Uzbl | 2 Debian Linux, Uzbl | 2024-11-21 | 5.5 Medium |
| uzbl: Information disclosure via world-readable cookies storage file | ||||
| CVE-2012-0842 | 2 Debian, Suckless | 2 Debian Linux, Surf | 2024-11-21 | 5.5 Medium |
| surf: cookie jar has read access from other local user | ||||
| CVE-2012-0694 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 9.8 Critical |
| SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote attackers to execute arbitrary PHP code. | ||||
| CVE-2012-0433 | 1 Crowbar Project | 1 Crowbar | 2024-11-21 | N/A |
| The install-chef-suse.sh script shipped with crowbar before 2012-10-02 is creating files containing confidential data with insecure permissions, allowing local users to read confidential data. | ||||
| CVE-2012-0334 | 1 Cisco | 1 Ironport Web Security Appliance | 2024-11-21 | 6.4 Medium |
| Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks | ||||
| CVE-2012-0051 | 2 Debian, Tahoe-lafs | 2 Debian Linux, Tahoe-lafs | 2024-11-21 | 7.4 High |
| Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval. | ||||
| CVE-2012-0046 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | 7.5 High |
| mediawiki allows deleted text to be exposed | ||||
| CVE-2011-5282 | 1 Mirc | 1 Mirc | 2024-11-21 | 5.3 Medium |
| mIRC prior to 7.22 has a message leak because chopping of outbound messages is mishandled. | ||||
| CVE-2011-4972 | 1 Ckeditor | 1 Ckeditor | 2024-11-21 | 7.5 High |
| hook_file_download in the CKEditor module 7.x-1.4 for Drupal does not properly restrict access to private files, which allows remote attackers to read private files via a direct request. | ||||
| CVE-2011-4968 | 2 Debian, F5 | 2 Debian Linux, Nginx | 2024-11-21 | 4.8 Medium |
| nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM) | ||||
| CVE-2011-4967 | 2 Openpegasus, Redhat | 2 Tog-pegasus, Enterprise Linux | 2024-11-21 | 7.5 High |
| tog-Pegasus has a package hash collision DoS vulnerability | ||||
| CVE-2011-4937 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 7.5 High |
| Joomla! 1.7.1 has core information disclosure due to inadequate error checking. | ||||
| CVE-2011-4919 | 1 Mpack Project | 1 Mpack | 2024-11-21 | 7.5 High |
| mpack 1.6 has information disclosure via eavesdropping on mails sent by other users | ||||
| CVE-2011-4917 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat. | ||||
| CVE-2011-4916 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*. | ||||
| CVE-2011-4915 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 5.5 Medium |
| fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts. | ||||
| CVE-2011-4904 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 6.5 Medium |
| TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services. | ||||
| CVE-2011-4902 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 6.5 Medium |
| TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to delete arbitrary files on the webserver. | ||||
| CVE-2011-4901 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 6.5 Medium |
| TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to extract arbitrary information from the TYPO3 database. | ||||