Export limit exceeded: 363282 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363282 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363282 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-2997 1 F5 1 Big-ip Configuration Utility 2025-04-11 N/A
XML External Entity (XXE) vulnerability in sam/admin/vpe2/public/php/server.php in F5 BIG-IP 10.0.0 through 10.2.4 and 11.0.0 through 11.2.1 allows remote authenticated users to read arbitrary files via a crafted XML file.
CVE-2012-2998 1 Trend Micro 1 Control Manager 2025-04-11 N/A
SQL injection vulnerability in the ad hoc query module in Trend Micro Control Manager (TMCM) before 5.5.0.1823 and 6.0 before 6.0.0.1449 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-2999 1 Cerberusftp 1 Ftp Server 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in Cerberus FTP Server before 5.0.5.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user account or (2) reconfigure the state of the FTP service, as demonstrated by a request to usermanager/users/modify.
CVE-2012-3000 1 F5 10 Big-ip Access Policy Manager, Big-ip Analytics, Big-ip Application Security Manager and 7 more 2025-04-11 N/A
Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x before 11.2.0-HF3 and 11.2.x before 11.2.1-HF3 allow remote authenticated users to execute arbitrary SQL commands via the defaultQuery parameter.
CVE-2012-3001 1 Mutiny 1 Standard 2025-04-11 N/A
Mutiny Standard before 4.5-1.12 allows remote attackers to execute arbitrary commands via the network-interface menu, related to a "command injection vulnerability."
CVE-2012-3002 2 Foscam, Wansview 2 H.264 Hi3510\/11\/12 Ip Camera, H.264 Hi3510\/11\/12 Ip Camera 2025-04-11 N/A
The web interface on (1) Foscam and (2) Wansview IP cameras allows remote attackers to bypass authentication, and perform administrative functions or read the admin password, via a direct request to an unspecified URL.
CVE-2012-3003 1 Siemens 1 Wincc 2025-04-11 N/A
Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a GET request.
CVE-2012-3004 1 Realflex 3 Flexview, Realwin, Realwindemo 2025-04-11 N/A
Multiple untrusted search path vulnerabilities in RealFlex RealWin before 2.1.13, FlexView before 3.1.86, and RealWinDemo before 2.1.13 allow local users to gain privileges via a Trojan horse (1) realwin.dll or (2) keyhook.dll file in the current working directory.
CVE-2012-3012 1 Arbiter 2 Power Sentinel, Power Sentinel 1133a Firmware 2025-04-11 N/A
The Arbiter Power Sentinel 1133A device with firmware before 11Jun2012 Rev 421 allows remote attackers to cause a denial of service (Ethernet outage) via unspecified Ethernet traffic that fills a buffer, as demonstrated by a port scan.
CVE-2012-3005 1 Invensys 7 Foxboro Control Software, Infusion Ce\/fe\/scada, Intouch and 4 more 2025-04-11 N/A
Untrusted search path vulnerability in Invensys Wonderware InTouch 2012 and earlier, as used in Wonderware Application Server, Wonderware Information Server, Foxboro Control Software, InFusion CE/FE/SCADA, InBatch, and Wonderware Historian, allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2012-3006 1 Innominate 19 Eagle Mguard Bd-301010, Eagle Mguard Hw-201000, Mguard Blade Hw-104020 and 16 more 2025-04-11 N/A
The Innominate mGuard Smart HW before HW-101130 and BD before BD-101030, mGuard industrial RS, mGuard delta HW before HW-103060 and BD before BD-211010, mGuard PCI, mGuard blade, and EAGLE mGuard appliances with software before 7.5.0 do not use a sufficient source of entropy for private keys, which makes it easier for man-in-the-middle attackers to spoof (1) HTTPS or (2) SSH servers by predicting a key value.
CVE-2012-3007 1 Invensys 5 Dasabcip, Daserver Runtime Components, Dassidirect and 2 more 2025-04-11 N/A
Stack-based buffer overflow in slssvc.exe before 58.x in Invensys Wonderware SuiteLink in the Invensys System Platform software suite, as used in InTouch/Wonderware Application Server IT before 10.5 and WAS before 3.5, DASABCIP before 4.1 SP2, DASSiDirect before 3.0, DAServer Runtime Components before 3.0 SP2, and other products, allows remote attackers to cause a denial of service (daemon crash or hang) via a long Unicode string.
CVE-2012-3008 1 Osisoft 1 Pi Opc Da Interface 2025-04-11 N/A
Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associated with OPC items.
CVE-2012-3009 1 Siemens 1 Comos 2025-04-11 N/A
Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls.
CVE-2012-3010 1 Ge 1 Intelligent Platforms Proficy Real-time Information Portal 2025-04-11 N/A
rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code via long input data, a different vulnerability than CVE-2012-3021 and CVE-2012-3026.
CVE-2012-3011 1 Fultek 1 Wintr Scada 2025-04-11 N/A
Directory traversal vulnerability in the web server in Fultek WinTr Scada 4.0.5 and earlier allows remote attackers to read arbitrary files via a crafted request.
CVE-2012-3013 1 Wago 1 Wago I\/o System 758 Industrial Pc Device 2025-04-11 N/A
WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices have default passwords for unspecified Web Based Management accounts, which makes it easier for remote attackers to obtain administrative access via a TCP session.
CVE-2012-3014 1 Garrettcom 2 Magnum Managed Networks Software-6k, Magnum Managed Networks Software-6k Secure 2025-04-11 N/A
The Management Software application in GarrettCom Magnum MNS-6K before 4.4.0, and 14.x before 14.4.0, has a hardcoded password for an administrative account, which allows local users to gain privileges via unspecified vectors.
CVE-2012-3015 1 Siemens 2 Simatic Pcs7, Simatic Step 7 2025-04-11 N/A
Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder.
CVE-2012-3016 1 Siemens 6 Simatic S7-400 Cpu 412-2 Pn, Simatic S7-400 Cpu 414-3 Pn\/dp, Simatic S7-400 Cpu 414f-3 Pn\/dp and 3 more 2025-04-11 N/A
Siemens SIMATIC S7-400 PN CPU devices with firmware 6 before 6.0.3 allow remote attackers to cause a denial of service (defect-mode transition and service outage) via crafted ICMP packets.