Export limit exceeded: 366311 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 23537 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 23537 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 12803 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (12803 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-7545 4 Canonical, Git Project, Opensuse and 1 more 6 Ubuntu Linux, Git, Opensuse and 3 more 2025-04-12 N/A
The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in a (a) .gitmodules file or (b) unknown other sources in a submodule.
CVE-2015-7521 1 Apache 1 Hive 2025-04-12 N/A
The authorization framework in Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.2.0 and 1.2.1, on clusters protected by Ranger and SqlStdHiveAuthorization, allows attackers to bypass intended parent table access restrictions via unspecified partition-level operations.
CVE-2015-1000009 1 Google-adsense-and-hotel-booking Project 1 Google-adsense-and-hotel-booking 2025-04-12 N/A
Open proxy in Wordpress plugin google-adsense-and-hotel-booking v1.05
CVE-2015-1000007 1 Wptf-image-gallery Project 1 Wptf-image-gallery 2025-04-12 N/A
Remote file download vulnerability in wptf-image-gallery v1.03
CVE-2015-7914 1 Sauter 1 Moduweb Vision 2025-04-12 N/A
Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote attackers to bypass authentication by leveraging knowledge of a password hash without knowledge of the associated password.
CVE-2016-2100 2 Redhat, Theforeman 3 Satellite, Satellite Capsule, Foreman 2025-04-12 N/A
Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authenticated users to read, modify, or delete private bookmarks by leveraging the (1) edit_bookmarks or (2) destroy_bookmarks permission.
CVE-2016-6325 2 Apache, Redhat 11 Tomcat, Enterprise Linux, Enterprise Linux Desktop and 8 more 2025-04-12 N/A
The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group.
CVE-2015-0694 1 Cisco 7 Asr 9001, Asr 9006, Asr 9010 and 4 more 2025-04-12 N/A
Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806.
CVE-2016-4081 1 Wireshark 1 Wireshark 2025-04-12 N/A
epan/dissectors/packet-iax2.c in the IAX2 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
CVE-2015-0675 1 Cisco 1 Adaptive Security Appliance Software 2025-04-12 N/A
The failover ipsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(6), 9.2 before 9.2(3.3), and 9.3 before 9.3(3) does not properly validate failover communication messages, which allows remote attackers to reconfigure an ASA device, and consequently obtain administrative control, by sending crafted UDP packets over the local network to the failover interface, aka Bug ID CSCur21069.
CVE-2016-0226 2 Ibm, Microsoft 2 Informix Dynamic Server, Windows 2025-04-12 N/A
The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the (1) nsrd, (2) nsrexecd, and (3) portmap executable files, which allows local users to gain privileges via a Trojan horse file.
CVE-2016-0222 1 Ibm 8 Maximo Asset Management, Maximo For Government, Maximo For Life Sciences and 5 more 2025-04-12 N/A
IBM Maximo Asset Management 7.6 before 7.6.0.3 IFIX001 allows remote authenticated users to bypass intended access restrictions and read arbitrary purchase-order work logs via unspecified vectors.
CVE-2016-0279 1 Ibm 1 Domino 2025-04-12 N/A
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6 allows remote attackers to execute arbitrary code via a crafted PDF document, a different vulnerability than CVE-2016-0277, CVE-2016-0278, and CVE-2016-0301.
CVE-2016-0340 1 Ibm 1 Security Identity Manager Adapter 2025-04-12 N/A
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session expiration, which allows remote attackers to hijack sessions by leveraging an unattended workstation.
CVE-2016-0357 1 Ibm 1 Security Identity Manager Adapter 2025-04-12 N/A
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 allows remote attackers to conduct clickjacking attacks via a crafted web site.
CVE-2016-1000214 1 Ruckus 1 Wireless H500 2025-04-12 N/A
Ruckus Wireless H500 web management interface authentication bypass
CVE-2015-0660 1 Cisco 1 Telepresence Server Software 2025-04-12 N/A
Cisco Virtual TelePresence Server Software does not properly restrict use of the serial port, which allows local users to execute arbitrary OS commands as root by leveraging vSphere controller administrative privileges, aka Bug ID CSCus61123.
CVE-2016-1044 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more 2025-04-12 N/A
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1062, and CVE-2016-1117.
CVE-2016-1710 2 Google, Redhat 2 Chrome, Rhel Extras 2025-04-12 N/A
The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not prevent window creation by a deferred frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
CVE-2015-6984 1 Apple 1 Mac Os X 2025-04-12 N/A
libarchive in Apple OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that conducts an unspecified symlink attack.