Total
2700 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-5573 | 1 Torproject | 1 Tor | 2017-08-29 | 5.0 MEDIUM | N/A |
| The connection_edge_process_relay_cell function in or/relay.c in Tor before 0.2.3.25 maintains circuits even if an unexpected SENDME cell arrives, which might allow remote attackers to cause a denial of service (memory consumption or excessive cell reception rate) or bypass intended flow-control restrictions via a RELAY_COMMAND_SENDME command. | |||||
| CVE-2012-5533 | 1 Lighttpd | 1 Lighttpd | 2017-08-29 | 5.0 MEDIUM | N/A |
| The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header. | |||||
| CVE-2012-5529 | 1 Firebirdsql | 1 Firebird | 2017-08-29 | 3.5 LOW | N/A |
| TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by preparing an empty dynamic SQL query. | |||||
| CVE-2012-4842 | 1 Ibm | 1 Lotus Domino | 2017-08-29 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
| CVE-2012-4841 | 1 Ibm | 1 Tivoli Endpoint Manager | 2017-08-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Tivoli Endpoint Manager for Remote Control Broker 8.2 before 8.2.1-TIV-TEMRC821-IF0002 allows remote attackers to cause a denial of service (resource consumption) via unknown vectors. | |||||
| CVE-2012-4622 | 1 Cisco | 2 Catalyst 4500e Series, Ios Xe | 2017-08-29 | 7.1 HIGH | N/A |
| Cisco IOS XE 03.02.00.XO.15.0(2)XO on Catalyst 4500E series switches, when a Supervisor Engine 7L-E card is installed, allows remote attackers to cause a denial of service (card reload) via malformed packets that trigger uncorrected ECC error messages, aka Bug ID CSCty88456. | |||||
| CVE-2012-4620 | 1 Cisco | 2 10008 Router, Ios | 2017-08-29 | 7.8 HIGH | N/A |
| Cisco IOS 12.2 and 15.0 through 15.2 on Cisco 10000 series routers, when a tunnel interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via tunneled (1) GRE/IP, (2) IPIP, or (3) IPv6 in IPv4 packets, aka Bug ID CSCts66808. | |||||
| CVE-2012-4559 | 1 Libssh | 1 Libssh | 2017-08-29 | 6.8 MEDIUM | N/A |
| Multiple double free vulnerabilities in the (1) agent_sign_data function in agent.c, (2) channel_request function in channels.c, (3) ssh_userauth_pubkey function in auth.c, (4) sftp_parse_attr_3 function in sftp.c, and (5) try_publickey_from_file function in keyfiles.c in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-4539 | 1 Xen | 1 Xen | 2017-08-29 | 2.1 LOW | N/A |
| Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka "Grant table hypercall infinite loop DoS vulnerability." | |||||
| CVE-2012-4535 | 1 Xen | 1 Xen | 2017-08-29 | 1.9 LOW | N/A |
| Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline." | |||||
| CVE-2012-4432 | 1 Optipng | 1 Optipng | 2017-08-29 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to "palette reduction." | |||||
| CVE-2012-3950 | 1 Cisco | 1 Ios | 2017-08-29 | 7.1 HIGH | N/A |
| The Intrusion Prevention System (IPS) feature in Cisco IOS 12.3 through 12.4 and 15.0 through 15.2, in certain configurations of enabled categories and missing signatures, allows remote attackers to cause a denial of service (device reload) via DNS packets, aka Bug ID CSCtw55976. | |||||
| CVE-2012-3919 | 1 Cisco | 1 Application Control Engine Module | 2017-08-29 | 5.0 MEDIUM | N/A |
| The Cisco Application Control Engine (ACE) module 3.0 for Cisco Catalyst switches and Cisco routers does not properly monitor Load Balancer (LB) queues, which allows remote attackers to cause a denial of service (incorrect memory access and module reboot) via application traffic, aka Bug ID CSCtw70879. | |||||
| CVE-2012-3747 | 1 Apple | 1 Iphone Os | 2017-08-29 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple iOS before 6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2012-3726 | 1 Apple | 1 Iphone Os | 2017-08-29 | 6.8 MEDIUM | N/A |
| Double free vulnerability in ImageIO in Apple iOS before 6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image. | |||||
| CVE-2012-3722 | 1 Apple | 3 Iphone Os, Mac Os X, Mac Os X Server | 2017-08-29 | 6.8 MEDIUM | N/A |
| The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding. | |||||
| CVE-2012-3300 | 1 Ibm | 1 Websphere Commerce | 2017-08-29 | 2.6 LOW | N/A |
| IBM WebSphere Commerce 7.0 before 7.0.0.6, when persistent sessions and personalization IDs are enabled, allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors. | |||||
| CVE-2012-3079 | 1 Cisco | 1 Ios | 2017-08-29 | 7.8 HIGH | N/A |
| Cisco IOS 12.2 allows remote attackers to cause a denial of service (CPU consumption) by establishing many IPv6 neighbors, aka Bug ID CSCtn78957. | |||||
| CVE-2012-3060 | 1 Cisco | 1 Unity Connection | 2017-08-29 | 7.8 HIGH | N/A |
| Cisco Unity Connection (UC) 8.6, 9.0, and 9.5 allows remote attackers to cause a denial of service (CPU consumption) via malformed UDP packets, aka Bug ID CSCtz76269. | |||||
| CVE-2012-2948 | 1 Asterisk | 2 Certified Asterisk, Open Source | 2017-08-29 | 4.0 MEDIUM | N/A |
| chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode. | |||||