Export limit exceeded: 12617 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (12617 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-5621 1 Oracle 1 Flexcube Universal Banking 2025-04-12 N/A
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 and 12.0.3, 12.1.0, and 12.2.0 allows remote authenticated users to affect confidentiality via vectors related to INFRA, a different vulnerability than CVE-2016-5603.
CVE-2016-1044 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more 2025-04-12 N/A
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1062, and CVE-2016-1117.
CVE-2016-6140 1 Sap 1 Trex 2025-04-12 N/A
SAP TREX 7.10 Revision 63 allows remote attackers to write to arbitrary files via vectors related to RFC-Gateway, aka SAP Security Note 2203591.
CVE-2016-6183 1 Huawei 2 Honor 4c, Honor 4c Firmware 2025-04-12 N/A
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6180, CVE-2016-6181, CVE-2016-6182, and CVE-2016-6184.
CVE-2016-10105 1 Piwigo 1 Piwigo 2025-04-12 N/A
admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to include files. This can cause information disclosure and code execution if it contains a .. sequence.
CVE-2016-6184 1 Huawei 2 Honor 4c, Honor 4c Firmware 2025-04-12 N/A
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6180, CVE-2016-6181, CVE-2016-6182, and CVE-2016-6183.
CVE-2014-8764 2 Dokuwiki, Mageia Project 2 Dokuwiki, Mageia 2025-04-12 N/A
DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null (\0) character, which triggers an anonymous bind.
CVE-2016-6702 1 Google 1 Android 2025-04-12 N/A
A remote code execution vulnerability in libjpeg in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses libjpeg. Android ID: A-30259087.
CVE-2016-6703 1 Google 1 Android 2025-04-12 N/A
A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246.
CVE-2016-6825 1 Huawei 12 Rh1288 V3 Server, Rh1288 V3 Server Firmware, Rh2288 V3 Server and 9 more 2025-04-12 N/A
Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610, RH1288 V3 servers with software before V100R003C00SPC613, RH2288 V3 servers with software before V100R003C00SPC617, and RH2288H V3 servers with software before V100R003C00SPC515 allow remote attackers to obtain passwords via a brute-force attack, related to "lack of authentication protection mechanisms."
CVE-2016-6826 1 Huawei 1 Anyoffice Secureapp 2025-04-12 N/A
Huawei AnyMail before 2.6.0301.0060 allows remote attackers to cause a denial of service (application crash) via a crafted compressed email attachment.
CVE-2016-1041 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more 2025-04-12 N/A
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117.
CVE-2015-6478 1 Unitronics 1 Visilogic Oplc Ide 2025-04-12 N/A
Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site.
CVE-2015-6928 1 Cubecart 1 Cubecart 2025-04-12 N/A
classes/admin.class.php in CubeCart 5.2.12 through 5.2.16 and 6.x before 6.0.7 does not properly validate that a password reset request was made, which allows remote attackers to change the administrator password via a recovery request with a space character in the validate parameter and the administrator email in the email parameter.
CVE-2016-7212 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2025-04-12 N/A
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow remote attackers to execute arbitrary code via a crafted image file, aka "Windows Remote Code Execution Vulnerability."
CVE-2016-1402 1 Cisco 2 Identity Services Engine, Identity Services Engine Software 2025-04-12 N/A
The Active Directory (AD) integration component in Cisco Identity Service Engine (ISE) before 1.2.0.899 patch 7, when AD group-membership authorization is enabled, allows remote attackers to cause a denial of service (authentication outage) via a crafted Password Authentication Protocol (PAP) authentication request, aka Bug ID CSCun25815.
CVE-2016-1672 5 Debian, Google, Opensuse and 2 more 9 Debian Linux, Chrome, Leap and 6 more 2025-04-12 N/A
The ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypass the Same Origin Policy via unspecified vectors.
CVE-2016-8291 1 Oracle 1 Peoplesoft Enterprise Peopletools 2025-04-12 N/A
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote attackers to affect confidentiality and integrity via vectors related to Mobile Application Platform.
CVE-2016-8222 1 Lenovo 148 Thinkpad 10 Ella 2, Thinkpad 10 Ella 2 Bios, Thinkpad 11e Beema and 145 more 2025-04-12 N/A
A vulnerability has been identified in a signed kernel driver for the BIOS of some ThinkPad systems that can allow an attacker with Windows administrator-level privileges to call System Management Mode (SMM) services. This could lead to a denial of service attack or allow certain BIOS variables or settings to be altered (such as boot sequence). The setting or changing of BIOS passwords is not affected by this vulnerability.
CVE-2014-9217 1 Torch Gmbh 1 Graylog2 2025-04-12 N/A
Graylog2 before 0.92 allows remote attackers to bypass LDAP authentication via crafted wildcards.