Export limit exceeded: 363618 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363618 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-4702 | 1 360systems | 3 Image Server 2000, Image Server Maxx, Maxx | 2025-04-11 | N/A |
| 360 Systems Maxx, Image Server Maxx, and Image Server 2000 have a hardcoded password for the root account, which makes it easier for remote attackers to execute arbitrary code, or modify video content or scheduling, via an SSH session. | ||||
| CVE-2012-4703 | 1 Emerson | 3 Deltav Se3006 Sd Plus Controller, Deltav Ve3005 Controller Md, Deltav Ve3006 Controller Md Plus | 2025-04-11 | N/A |
| The Emerson DeltaV SE3006 through 11.3.1, DeltaV VE3005 through 10.3.1 and 11.x through 11.3.1, and DeltaV VE3006 through 10.3.1 and 11.x through 11.3.1 allow remote attackers to cause a denial of service (device restart) via a crafted packet on (1) TCP port 23, (2) UDP port 161, or (3) TCP port 513. | ||||
| CVE-2012-4704 | 1 3s-software | 1 Codesys Gateway-server | 2025-04-11 | N/A |
| Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2012-4705 | 1 3s-software | 1 Codesys Gateway-server | 2025-04-11 | N/A |
| Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname. | ||||
| CVE-2012-4706 | 1 3s-software | 1 Codesys Gateway-server | 2025-04-11 | N/A |
| Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow. | ||||
| CVE-2012-4707 | 1 3s-software | 1 Codesys Gateway-server | 2025-04-11 | N/A |
| 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access. | ||||
| CVE-2012-4708 | 1 3s-software | 1 Codesys Gateway-server | 2025-04-11 | N/A |
| Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2012-4709 | 1 Invensys | 1 Wonderware Intouch | 2025-04-11 | N/A |
| Invensys Wonderware InTouch HMI 2012 R2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | ||||
| CVE-2012-4710 | 1 Invensys | 1 Wonderware Win-xml Exporter | 2025-04-11 | N/A |
| Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference. | ||||
| CVE-2012-4711 | 1 Wellintech | 1 Kingview | 2025-04-11 | N/A |
| Buffer overflow in kingMess.exe 65.20.2003.10300 in WellinTech KingView 6.52, kingMess.exe 65.20.2003.10400 in KingView 6.53, and kingMess.exe 65.50.2011.18049 in KingView 6.55 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted packet. | ||||
| CVE-2012-4712 | 1 Moxa | 2 Edr-g903, Edr-g903 Firmware | 2025-04-11 | N/A |
| Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows remote attackers to obtain unspecified device access via unknown vectors. | ||||
| CVE-2012-4713 | 1 Rockwellautomation | 1 Factorytalk Services Platform | 2025-04-11 | N/A |
| Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage or RNADiagReceiver.exe daemon crash) via UDP data that specifies a negative integer value. | ||||
| CVE-2012-4714 | 1 Rockwellautomation | 1 Factorytalk Services Platform | 2025-04-11 | N/A |
| Integer overflow in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage or RNADiagReceiver.exe daemon crash) via UDP data that specifies a large integer value. | ||||
| CVE-2012-4715 | 1 Rockwellautomation | 1 Rslinx Enterprise | 2025-04-11 | N/A |
| Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a UDP packet with a certain integer length value that is (1) too large or (2) too small, leading to improper handling by Logger.dll. | ||||
| CVE-2012-4729 | 1 Wftpserver | 1 Wing Ftp Server | 2025-04-11 | N/A |
| Wing FTP Server before 4.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via two zip commands. | ||||
| CVE-2012-4730 | 1 Bestpractical | 1 Rt | 2025-04-11 | N/A |
| Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and conduct phishing attacks or obtain sensitive information via unknown vectors. | ||||
| CVE-2012-4731 | 1 Bestpractical | 1 Rtfm | 2025-04-11 | N/A |
| FAQ manager for Request Tracker (RTFM) before 2.4.5 does not properly check user rights, which allows remote authenticated users to create arbitrary articles in arbitrary classes via unknown vectors. | ||||
| CVE-2012-4732 | 1 Bestpractical | 1 Rt | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT) 3.8.12 and other versions before 3.8.15, and 4.0.6 and other versions before 4.0.8, allows remote attackers to hijack the authentication of users for requests that toggle ticket bookmarks. | ||||
| CVE-2012-4733 | 1 Bestpractical | 1 Rt | 2025-04-11 | N/A |
| Request Tracker (RT) 4.x before 4.0.13 does not properly enforce the DeleteTicket and "custom lifecycle transition" permission, which allows remote authenticated users with the ModifyTicket permission to delete tickets via unspecified vectors. | ||||
| CVE-2012-4734 | 1 Bestpractical | 1 Rt | 2025-04-11 | N/A |
| Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to conduct a "confused deputy" attack to bypass the CSRF warning protection mechanism and cause victims to "modify arbitrary state" via unknown vectors related to a crafted link. | ||||