Search
31,035 CVEs · Critical severity
CVEs (31,035, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 326–350 of 31,035 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2012-4284 | CRITICAL | 9.8 | 2020-01-10 | A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name validation issue in the setuid-set ViscosityHelper binary, which could let a r… | |
| CVE-2012-4406 | CRITICAL | Patched | 9.8 | 2012-10-22 | OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remo… |
| CVE-2012-4449 | CRITICAL | Patched | 9.8 | 2017-10-30 | Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes … |
| CVE-2012-4570 | CRITICAL | Patched | 9.8 | 2017-10-23 | SQL injection vulnerability in LetoDMS_Core/Core/inc.ClassDMS.php in LetoDMS (formerly MyDMS) before 3.3.8 allows remote attackers to execute arbitrary SQL commands via uns… |
| CVE-2012-4681 | CRITICAL | 9.8 | 2012-08-28 | Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a cra… | |
| CVE-2012-4750 | CRITICAL | 9.8 | 2020-01-13 | A Code Execution vulnerability exists in the memcpy function when processing AMF requests in Ezhometech EzServer 7.0, which could let a remote malicious user execute arbitr… | |
| CVE-2012-4787 | CRITICAL | 9.0 | 2012-12-12 | Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an obj… | |
| CVE-2012-4919 | CRITICAL | 9.8 | 2020-01-22 | Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability | |
| CVE-2012-5076 | CRITICAL | 9.8 | 2012-10-16 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integr… | |
| CVE-2012-5190 | CRITICAL | 9.8 | 2020-01-21 | Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability | |
| CVE-2012-5357 | CRITICAL | Patched | 9.8 | 2017-10-30 | Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary… |
| CVE-2012-5358 | CRITICAL | Patched | 9.8 | 2017-10-30 | The XSLTCompiledTransform function in Ektron Content Management System (CMS) before 8.02 SP5 configures the XSL with enableDocumentFunction set to true, which allows remote… |
| CVE-2012-5376 | CRITICAL | Patched | 9.6 | 2012-10-11 | The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbit… |
| CVE-2012-5582 | CRITICAL | 9.8 | 2019-11-25 | opendnssec misuses libcurl API | |
| CVE-2012-5618 | CRITICAL | Patched | 9.8 | 2020-02-04 | Ushahidi before 2.6.1 has insufficient entropy for forgot-password tokens. |
| CVE-2012-5686 | CRITICAL | 9.8 | 2020-02-04 | ZPanel 10.0.1 has insufficient entropy for its password reset process. | |
| CVE-2012-5699 | CRITICAL | Patched | 9.8 | 2020-01-23 | BabyGekko before 1.2.4 allows PHP file inclusion. |
| CVE-2012-5867 | CRITICAL | 9.8 | 2020-01-23 | HT Editor 2.0.20 has a Remote Stack Buffer Overflow Vulnerability | |
| CVE-2012-5872 | CRITICAL | Patched | 9.8 | 2023-04-26 | ARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause. |
| CVE-2012-5878 | CRITICAL | Patched | 9.8 | 2020-01-03 | Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostingPath param… |
| CVE-2012-6068 | CRITICAL | 9.8 | 2013-01-21 | The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication, which allows remote attackers to execute commands via the command-line interf… | |
| CVE-2012-6069 | CRITICAL | 10.0 | 2013-01-21 | The CoDeSys Runtime Toolkit’s file transfer functionality does not perform input validation, which allows an attacker to access files and directories outside the intended… | |
| CVE-2012-6094 | CRITICAL | Patched | 9.8 | 2019-12-20 | cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system |
| CVE-2012-6125 | CRITICAL | Patched | 9.8 | 2019-10-31 | Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions. |
| CVE-2012-6306 | CRITICAL | 9.8 | 2020-02-06 | A vulnerability exists in HCView (aka Hardcoreview) 1.4 due to a write access violation with a GIF file. |