Skip to main content
CVE-2012-1714 CRITICAL Act Now

Unspecified vulnerability in a TList 6 ActiveX control in Oracle Hyperion Financial Management 11.1.1.4 and 11.1.2.1.104 allows remote attackers to execute arbitrary code via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle RCE Hyperion Financial Management
NVD
CVSS 2.0
10.0
EPSS
8.9%
CVE-2012-3002 CRITICAL Act Now

The web interface on (1) Foscam and (2) Wansview IP cameras allows remote attackers to bypass authentication, and perform administrative functions or read the admin password, via a direct request to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass H 264 Hi3510 11 12 Ip Camera
NVD
CVSS 2.0
10.0
EPSS
1.6%
CVE-2012-1712 CRITICAL Act Now

Directory traversal vulnerability in the Liferay component in Oracle Sun GlassFish Web Space Server before 10.0 Update 7 Patch 2 has unknown impact and attack vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Path Traversal Glassfish Web Space Server10 0
NVD
CVSS 2.0
10.0
EPSS
0.7%
CVE-2012-0882 HIGH This Week

Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE MySQL
NVD
CVSS 2.0
7.5
EPSS
8.9%
CVE-2012-0957 MEDIUM POC PATCH This Month

The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available.

Linux Information Disclosure Linux Kernel
NVD GitHub Exploit-DB
CVSS 2.0
4.9
EPSS
0.5%
CVE-2012-4565 MEDIUM POC PATCH This Month

The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial. Rated medium severity (CVSS 4.7). Public exploit code available.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.7
EPSS
0.1%
CVE-2012-4859 HIGH PATCH This Week

Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows local users to read or modify file system objects via unknown. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Information Disclosure IBM Tivoli Storage Manager For Space Management
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2012-3133 MEDIUM This Month

Buffer overflow in the DataDirect ODBC driver, as used in Oracle Hyperion Interactive Reporting 11.1.2.1 and 11.1.2.2, Essbase Server 11.1.2.1 and 11.1.2.2, Production Reporting Server 11.1.2.1 and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Oracle Hyperion Interactive Reporting Essbase Server Hyperion Production Reporting Server +1
NVD
CVSS 2.0
6.8
EPSS
0.7%
CVE-2012-5954 MEDIUM This Month

Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows remote attackers to read or modify HSM-managed file system. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure IBM Tivoli Storage Manager For Space Management
NVD
CVSS 2.0
6.4
EPSS
0.3%
CVE-2012-3482 MEDIUM PATCH This Month

Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Buffer Overflow Denial Of Service Fetchmail
NVD
CVSS 2.0
5.8
EPSS
0.7%
CVE-2012-4444 MEDIUM PATCH This Month

The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel before 2.6.36 allows remote attackers to bypass intended network restrictions via overlapping IPv6 fragments. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Linux Authentication Bypass Linux Kernel
NVD GitHub
CVSS 2.0
5.0
EPSS
1.3%
CVE-2012-0841 MEDIUM PATCH This Month

libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Libxml2 Iphone Os
NVD
CVSS 2.0
5.0
EPSS
1.0%
CVE-2012-5181 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in concrete5 Japanese 5.5.1 through 5.5.2.1 and concrete5 English 5.5.0 through 5.6.0.2 allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Concrete5
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2012-6325 MEDIUM This Month

VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Information Disclosure Vcenter Server Appliance
NVD
CVSS 2.0
4.0
EPSS
0.1%
CVE-2012-6324 MEDIUM This Month

Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Path Traversal Vcenter Server Appliance
NVD
CVSS 2.0
4.0
EPSS
0.1%
CVE-2012-5517 MEDIUM PATCH This Month

The online_pages function in mm/memory_hotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have. Rated medium severity (CVSS 4.0).

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.0
EPSS
0.1%
CVE-2012-1699 LOW Monitor

The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6.6 and XFree86 before 3.3.3 calls the SendErrToClient function with a mask value instead of a. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service X Org X11 Xfree86
NVD
CVSS 2.0
3.6
EPSS
0.1%
CVE-2012-4508 LOW PATCH Monitor

Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as. Rated low severity (CVSS 1.9).

Linux Race Condition Information Disclosure Linux Kernel
NVD GitHub
CVSS 2.0
1.9
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy