Search
59,162 CVEs
CVEs (59,162, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 101–125 of 59,162 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2012-10028 | NONE | — | 2025-08-05 | Netwin SurgeFTP version 23c8 and prior contains a vulnerability in its web-based administrative console that allows authenticated users to execute arbitrary system commands… | |
| CVE-2012-10029 | NONE | — | 2025-08-05 | Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in `visApi.php`. An authenticated user can inject system … | |
| CVE-2012-10030 | CRITICAL | 9.8 | 2025-08-05 | FreeFloat FTP Server contains multiple critical design flaws that allow unauthenticated remote attackers to upload arbitrary files to sensitive system directories. The serv… | |
| CVE-2012-10031 | NONE | — | 2025-08-05 | BlazeVideo HDTV Player Pro v6.6.0.3 is vulnerable to a stack-based buffer overflow due to improper handling of user-supplied input embedded in .plf playlist files. When par… | |
| CVE-2012-10032 | NONE | — | 2025-08-05 | Maxthon3 versions prior to 3.3 are vulnerable to cross context scripting (XCS) via the about:history page. The browser’s trusted zone improperly handles injected script con… | |
| CVE-2012-10033 | NONE | — | 2025-08-05 | Narcissus is vulnerable to remote code execution via improper input handling in its image configuration workflow. Specifically, the backend.php script fails to sanitize the… | |
| CVE-2012-10034 | HIGH | 7.5 | 2025-08-05 | ClanSphere 2011.3 is vulnerable to a local file inclusion (LFI) flaw due to improper handling of the cs_lang cookie parameter. The application fails to sanitize user-suppli… | |
| CVE-2012-10035 | NONE | — | 2025-08-05 | Turbo FTP Server versions 1.30.823 and 1.30.826 contain a buffer overflow vulnerability in the handling of the PORT command. By sending a specially crafted payload, an unau… | |
| CVE-2012-10036 | NONE | — | 2025-08-08 | Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in tools/upload_file.php. The upload handler fails to validate the file type … | |
| CVE-2012-10037 | NONE | — | 2025-08-11 | PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez GET parameter is unsafely passed to the exec() function without sanitization.… | |
| CVE-2012-10038 | NONE | — | 2025-08-11 | Auxilium RateMyPet contains an unauthenticated arbitrary file upload vulnerability in upload_banners.php. The banner upload feature fails to validate file types or enforce … | |
| CVE-2012-10039 | NONE | — | 2025-08-11 | ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection vulnerability in content2-2.cgi. The filelog parameter is passed directly into a backtick-delimited e… | |
| CVE-2012-10040 | NONE | — | 2025-08-11 | Openfiler v2.x contains a command injection vulnerability in the system.html page. The device parameter is used to instantiate a NetworkCard object, whose constructor in ne… | |
| CVE-2012-10041 | NONE | — | 2025-08-08 | WAN Emulator v2.3 contains two unauthenticated command execution vulnerabilities. The result.php script calls shell_exec() with unsanitized input from the pc POST parameter… | |
| CVE-2012-10042 | NONE | — | 2025-08-08 | Sflog! CMS 1.0 contains an authenticated arbitrary file upload vulnerability in the blog management interface. The application ships with default credentials (admin:secret)… | |
| CVE-2012-10043 | NONE | — | 2025-08-08 | A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in the "Import Users from File" functionality of the client interface. The ap… | |
| CVE-2012-10044 | NONE | — | 2025-08-08 | MobileCartly version 1.0 contains an arbitrary file creation vulnerability in the savepage.php script. The application fails to perform authentication or authorization chec… | |
| CVE-2012-10045 | NONE | — | 2025-08-08 | XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on the server. The flaw resides in the u… | |
| CVE-2012-10046 | NONE | — | 2025-08-08 | The E-Mail Security Virtual Appliance (ESVA) (tested on version ESVA_2057) contains an unauthenticated command injection vulnerability in the learn-msg.cgi script. The CGI … | |
| CVE-2012-10047 | NONE | — | 2025-08-08 | Cyclope Employee Surveillance Solution versions 6.x are vulnerable to a SQL injection flaw in its login mechanism. The username parameter in the auth-login POST request is … | |
| CVE-2012-10048 | NONE | — | 2025-08-08 | Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen() call in ZenossInfo.py w… | |
| CVE-2012-10049 | NONE | — | 2025-08-08 | WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the resultimage.php script. The application fails to validate or sanitize user-suppli… | |
| CVE-2012-10050 | NONE | — | 2025-08-08 | CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the restart_circulation_values_write.php script. The application fails to validate or… | |
| CVE-2012-10051 | NONE | — | 2025-08-08 | Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. When a specially crafted load fil… | |
| CVE-2012-10052 | NONE | — | 2025-08-08 | EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application fails to validate file types or enforce au… |