Total
248641 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-1861 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | |||||
CVE-2016-5222 | 1 Google | 1 Chrome | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Incorrect handling of invalid URLs in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
CVE-2016-6609 | 1 Phpmyadmin | 1 Phpmyadmin | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. | |||||
CVE-2016-4830 | 1 Akindo-sushiro | 1 Sushiro | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
Sushiro App for iOS 2.1.16 and earlier and Sushiro App for Android 2.1.16.1 and earlier do not verify SSL certificates. | |||||
CVE-2016-2404 | 1 Huawei | 12 Acu2, Acu2 Firmware, S12700 and 9 more | 2023-12-10 | 6.0 MEDIUM | 7.5 HIGH |
Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation. | |||||
CVE-2017-2548 | 1 Apple | 1 Mac Os X | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the "WindowServer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
CVE-2016-1132 | 1 Docomo | 1 Shoplat | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify SSL certificates. | |||||
CVE-2015-7264 | 1 Proxygen Project | 1 Proxygen | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks. | |||||
CVE-2017-6403 | 1 Veritas | 2 Netbackup, Netbackup Appliance | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. NetBackup Cloud Storage Service uses a hardcoded username and password. | |||||
CVE-2016-7756 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | |||||
CVE-2017-2419 | 1 Apple | 2 Iphone Os, Safari | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass a Content Security Policy protection mechanism via unspecified vectors. | |||||
CVE-2016-2917 | 1 Ibm | 1 Tririga Application Platform | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
The notifications component in IBM TRIRIGA Applications 10.4 and 10.5 before 10.5.1 allows remote authenticated users to obtain sensitive password information, and consequently gain privileges, via unspecified vectors. | |||||
CVE-2016-8105 | 1 Intel | 8 X710-am2 Controller, X710-bm2 Controller, X710 Series Driver and 5 more | 2023-12-10 | 6.1 MEDIUM | 6.5 MEDIUM |
Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL710 families before version 22.0 are vulnerable to a denial of service in certain layer 2 network configurations. | |||||
CVE-2017-0623 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 7.6 HIGH | 7.0 HIGH |
An elevation of privilege vulnerability in the HTC bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32512358. | |||||
CVE-2016-2254 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | |||||
CVE-2011-2228 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none | |||||
CVE-2015-8858 | 1 Uglifyjs Project | 1 Uglifyjs | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service (CPU consumption) via crafted input in a parse call, aka a "regular expression denial of service (ReDoS)." | |||||
CVE-2016-9770 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | |||||
CVE-2015-8091 | 2023-12-10 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none | |||||
CVE-2016-10266 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22. |