Export limit exceeded: 363715 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363715 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363715 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-0379 1 Oracle 1 Siebel Crm 2025-04-11 N/A
Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to Siebel Calendar, a different vulnerability than CVE-2013-0378.
CVE-2013-0380 1 Oracle 1 E-business Suite 2025-04-11 N/A
Unspecified vulnerability in the Oracle Payroll component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to View Payslip.
CVE-2013-0381 1 Oracle 1 E-business Suite 2025-04-11 N/A
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Application Framework.
CVE-2013-0382 1 Oracle 1 E-business Suite 2025-04-11 N/A
Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Campaign Management.
CVE-2013-0383 4 Canonical, Mariadb, Oracle and 1 more 7 Ubuntu Linux, Mariadb, Mysql and 4 more 2025-04-11 N/A
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking.
CVE-2013-0080 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2025-04-11 N/A
Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka "Callback Function Vulnerability."
CVE-2012-6312 2 Video-lead-form, Wordpress 2 Uk-cookie, Wordpress 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Video Lead Form plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the errMsg parameter in a video-lead-form action to wp-admin/admin.php.
CVE-2012-6313 2 Simple Gmail Login, Wordpress 3 1.1.2, 1.1.3, Wordpress 2025-04-11 N/A
simple-gmail-login.php in the Simple Gmail Login plugin before 1.1.4 for WordPress allows remote attackers to obtain sensitive information via a request that lacks a timezone, leading to disclosure of the installation path in a stack trace.
CVE-2012-6314 1 Citrix 1 Xendesktop 2025-04-11 N/A
Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x before 5.6.200, when making changes to the server-side policy that control USB redirection, does not propagate changes to the VDA, which allows authenticated users to retain access to the USB device.
CVE-2012-6324 1 Vmware 1 Vcenter Server Appliance 2025-04-11 N/A
Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vectors.
CVE-2012-6325 1 Vmware 1 Vcenter Server Appliance 2025-04-11 N/A
VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors.
CVE-2012-6326 1 Vmware 2 Vcenter Server, Vcenter Server Appliance 2025-04-11 N/A
VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial of service (disk consumption) via vectors that trigger large log entries.
CVE-2012-6329 2 Perl, Redhat 2 Perl, Enterprise Linux 2025-04-11 N/A
The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6.
CVE-2012-6330 2 Foswiki, Twiki 2 Foswiki, Twiki 2025-04-11 N/A
The localization functionality in TWiki before 5.1.3, and Foswiki 1.0.x through 1.0.10 and 1.1.x through 1.1.6, allows remote attackers to cause a denial of service (memory consumption) via a large integer in a %MAKETEXT% macro.
CVE-2012-6333 1 Xen 1 Xen 2025-04-11 N/A
Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM guest OS administrators to cause a denial of service (physical CPU consumption) via a large input.
CVE-2012-6334 1 Samsung 4 Galaxy Note 2, Galaxy S, Galaxy S2 and 1 more 2025-04-11 N/A
The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices does not properly implement Location APIs, which allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."
CVE-2012-6335 1 Avg 1 Avg Antivirus 2025-04-11 N/A
The Anti-theft service in AVG AntiVirus for Android allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."
CVE-2012-6336 1 Lookout 1 Lookout 2025-04-11 N/A
The Missing Device feature in Lookout allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."
CVE-2012-6337 1 Samsung 4 Galaxy Note 2, Galaxy S, Galaxy S2 and 1 more 2025-04-11 N/A
The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a product-recovery effort by tampering with this feature or its location data.
CVE-2012-6339 1 Cerberusftp 1 Ftp Server 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow (1) remote attackers to inject arbitrary web script or HTML via a log entry that is not properly handled within the Log Manager component, and might allow (2) remote authenticated administrators to inject arbitrary web script or HTML via a Messages field to the servermanager program.