Vulnerabilities (CVE)

Total 243265 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-7236 1 Microsoft 3 Excel, Excel For Mac, Sharepoint Server 2023-12-10 9.3 HIGH 7.8 HIGH
Microsoft Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
CVE-2013-7120 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none
CVE-2016-8027 1 Mcafee 1 Epolicy Orchestrator 2023-12-10 7.5 HIGH 10.0 CRITICAL
SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier allows attackers to alter a SQL query, which can result in disclosure of information within the database or impersonation of an agent without authentication via a specially crafted HTTP post.
CVE-2017-5502 1 Jasper Project 1 Jasper 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
libjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
CVE-2013-6542 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none
CVE-2016-3124 1 Simplesamlphp 1 Simplesamlphp 2023-12-10 5.0 MEDIUM 5.3 MEDIUM
The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors.
CVE-2016-9417 1 Mybb 2 Merge System, Mybb 2023-12-10 5.8 MEDIUM 7.4 HIGH
The fetch_remote_file function in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors.
CVE-2015-2386 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none
CVE-2016-9129 1 Revive-adserver 1 Revive Adserver 2023-12-10 5.0 MEDIUM 5.3 MEDIUM
Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is possible to check whether or not an email address was associated to one or more user accounts on a target Revive Adserver instance by examining the message printed by the password recovery system. Such information cannot however be used directly to log in to the system, which requires a username.
CVE-2016-9181 1 Image-info Project 1 Image-info For Perl 2023-12-10 5.8 MEDIUM 7.1 HIGH
perl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An attacker could craft an SVG file which, when processed by an application using perl-Image-Info, could cause denial of service or, potentially, information disclosure.
CVE-2016-2583 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none
CVE-2017-8775 1 Quickheal 3 Antivirus Pro, Internet Security, Total Security 2023-12-10 7.5 HIGH 9.8 CRITICAL
Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Memory Corruption while parsing a malformed Mach-O file.
CVE-2017-7579 1 Phpmyfaq 1 Phpmyfaq 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field.
CVE-2017-6880 1 Cerberus 1 Cerberus Ftp Server 2023-12-10 7.5 HIGH 9.8 CRITICAL
Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long MLST command.
CVE-2017-7207 1 Artifex 1 Ghostscript 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.
CVE-2005-4107 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none
CVE-2011-2418 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none
CVE-2016-9932 1 Xen 1 Xen 2023-12-10 2.1 LOW 3.3 LOW
CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix.
CVE-2013-5082 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none
CVE-2012-6286 2023-12-10 N/A N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none