Vulnerabilities (CVE)

CWE filter

CWE-20

Filter

7801 total CVE
CVE Vendors Products Updated CVSS
CVE-2012-3587 1 Debian 1 Apt 2012-06-26 2.6
APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install Trojan horse packages via a...
CVE-2012-0954 1 Debian 1 Apt 2012-06-26 2.6
APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install altered packages via a...
CVE-2012-2494 1 Cisco 1 Anyconnect Secure Mobility Client 2012-06-21 4.3
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which...
CVE-2012-2495 1 Cisco 2 Anyconnect Secure Mobility Client, Secure Desktop 2012-06-21 4.3
The HostScan downloader implementation in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR8 and Cisco Secure Desktop before 3.6.6020 does not compare the timestamp of offered software to the timestamp of installed software, which allows...
CVE-2012-2493 1 Cisco 1 Anyconnect Secure Mobility Client 2012-06-21 9.3
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are...
CVE-2012-3556 1 Opera 1 Opera Browser 2012-06-15 9.3
Opera before 11.65 does not properly restrict the opening of a pop-up window in response to the first click of a double-click action, which makes it easier for user-assisted remote attackers to conduct cross-site scripting (XSS) attacks or...
CVE-2011-2899 1 Redhat 1 System-config-printer 2012-06-15 5.1
pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the (1) NetBIOS or (2) workgroup name, which are not...
CVE-2012-3003 1 Siemens 1 Wincc 2012-06-12 5.8
Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a GET request.
CVE-2007-5540 1 Opera 1 Opera Browser 2012-06-07 7.5
Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy via unknown vectors.
CVE-2008-1080 1 Opera 1 Opera Browser 2012-06-07 6.8
Opera before 9.26 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename into a file input.
CVE-2011-2707 1 Linux 1 Linux Kernel 2012-05-29 4.9
The ptrace_setxregs function in arch/xtensa/kernel/ptrace.c in the Linux kernel before 3.1 does not validate user-space pointers, which allows local users to obtain sensitive information from kernel memory locations via a crafted PTRACE_SETXTREGS request.
CVE-2011-3363 1 Linux 1 Linux Kernel 2012-05-29 5.4
The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service (system crash) by placing a referral at the root of a share.
CVE-2011-3637 1 Linux 1 Linux Kernel 2012-05-17 4.9
The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (OOPS) via vectors that trigger an m_start error.
CVE-2011-1159 1 Tedfelix 1 Acpid 2012-05-14 2.1
acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that...
CVE-2011-4231 1 Cisco 2 Ios, Ios Xe 2012-05-11 6.3
Cisco IOS 15.1 and 15.2 and IOS XE 3.x, when configured as an IPsec hub with X.509 certificates in use, allows remote authenticated users to cause a denial of service (segmentation fault and device crash) via unspecified vectors, aka Bug ID CSCtq61128.
CVE-2012-0674 1 Apple 1 Iphone Os 2012-05-08 4.3
Safari in Apple iOS before 5.1.1 allows remote attackers to spoof the location bar's URL via a crafted web site.
CVE-2011-1169 1 Linux 1 Linux Kernel 2012-04-27 6.9
Array index error in the asihpi_hpi_ioctl function in sound/pci/asihpi/hpioctl.c in the AudioScience HPI driver in the Linux kernel before 2.6.38.1 might allow local users to cause a denial of service (memory corruption) or possibly gain...
CVE-2011-1528 1 Mit 1 Kerberos 2012-04-20 7.8
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion...
CVE-2011-5086 1 Nsoftware 1 Unitronics Uniopc 2012-04-20 6.8
https50.ocx in IP*Works! SSL in the server in Unitronics UniOPC before 2.0.0 does not properly implement an unspecified function, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code...
CVE-2011-4871 1 Opcsystems 1 Opcsystems.net 2012-04-20 5.0
Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723.