Search Results (1062 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-1544 3 Mariadb, Oracle, Redhat 8 Mariadb, Mysql, Enterprise Linux and 5 more 2025-04-11 N/A
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
CVE-2013-1552 3 Mariadb, Oracle, Redhat 8 Mariadb, Mysql, Enterprise Linux and 5 more 2025-04-11 N/A
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2013-1620 4 Canonical, Mozilla, Oracle and 1 more 16 Ubuntu Linux, Network Security Services, Enterprise Manager Ops Center and 13 more 2025-04-11 N/A
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
CVE-2013-1896 4 Apache, Canonical, Opensuse and 1 more 11 Http Server, Ubuntu Linux, Opensuse and 8 more 2025-04-11 N/A
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
CVE-2013-2375 3 Mariadb, Oracle, Redhat 8 Mariadb, Mysql, Enterprise Linux and 5 more 2025-04-11 N/A
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2013-2378 3 Mariadb, Oracle, Redhat 8 Mariadb, Mysql, Enterprise Linux and 5 more 2025-04-11 N/A
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
CVE-2013-2391 3 Mariadb, Oracle, Redhat 8 Mariadb, Mysql, Enterprise Linux and 5 more 2025-04-11 N/A
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.
CVE-2013-2555 8 Adobe, Apple, Google and 5 more 14 Air, Flash Player, Macos and 11 more 2025-04-11 N/A
Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.
CVE-2012-2039 8 Adobe, Apple, Google and 5 more 14 Air, Flash Player, Macos and 11 more 2025-04-11 N/A
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.
CVE-2012-2038 8 Adobe, Apple, Google and 5 more 14 Air, Flash Player, Macos and 11 more 2025-04-11 N/A
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
CVE-2012-2037 8 Adobe, Apple, Google and 5 more 14 Air, Flash Player, Macos and 11 more 2025-04-11 N/A
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034.
CVE-2012-2036 8 Adobe, Apple, Google and 5 more 14 Air, Flash Player, Macos and 11 more 2025-04-11 N/A
Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.
CVE-2012-1717 5 Linux, Oracle, Redhat and 2 more 23 Linux Kernel, Jdk, Jre and 20 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.
CVE-2010-4649 2 Linux, Redhat 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2025-04-11 N/A
Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large value of a certain structure member.
CVE-2011-1044 2 Linux, Redhat 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2025-04-11 N/A
The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649.
CVE-2025-1756 2 Mongodb, Redhat 13 Mongosh, Codeready Linux Builder Eus, Codeready Linux Builder For Arm64 Eus and 10 more 2025-04-09 7.5 High
mongosh may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored in C:\node_modules\. This issue affects mongosh prior to 2.3.0
CVE-2022-4254 2 Fedoraproject, Redhat 16 Sssd, Enterprise Linux, Enterprise Linux Desktop and 13 more 2025-03-27 8.8 High
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
CVE-2023-0494 3 Fedoraproject, Redhat, X.org 22 Fedora, Enterprise Linux, Enterprise Linux Aus and 19 more 2025-02-24 7.8 High
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding sessions.
CVE-2023-2203 2 Redhat, Webkitgtk 5 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux Server Aus and 2 more 2025-01-22 8.8 High
A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.
CVE-2023-2491 2 Gnu, Redhat 5 Emacs, Enterprise Linux, Enterprise Linux Eus and 2 more 2025-01-22 7.8 High
A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.