Search
59,872 CVEs
CVEs (59,872, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 126–150 of 59,872 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2012-10052 | NONE | — | 2025-08-08 | EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application fails to validate file types or enforce au… | |
| CVE-2012-10053 | NONE | — | 2025-08-08 | Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header. When a remote attacker sends an overly long st… | |
| CVE-2012-10054 | CRITICAL | Patched | 9.8 | 2025-08-13 | Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via the codeEditorSave.asmx SOAP endpoint, which exposes a SaveDLRScript operati… |
| CVE-2012-10055 | NONE | — | 2025-08-13 | ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing forma… | |
| CVE-2012-10056 | NONE | — | 2025-08-13 | PHP Volunteer Management System v1.0.2 contains an arbitrary file upload vulnerability in its document upload functionality. Authenticated users can upload files to the mod… | |
| CVE-2012-10057 | NONE | — | 2025-08-13 | Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. When parsing the version attribute of the ispXCF … | |
| CVE-2012-10058 | NONE | — | 2025-08-13 | RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf() when logging malformed HTTP requests. A remote attacker can exploi… | |
| CVE-2012-10059 | NONE | — | 2025-08-13 | Dolibarr ERP/CRM versions <= 3.1.1 and <= 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails … | |
| CVE-2012-10060 | CRITICAL | Patched | 9.8 | 2025-08-13 | Sysax Multi Server versions prior to 5.55 contain a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentic… |
| CVE-2012-10061 | NONE | — | 2025-08-20 | Sockso Music Host Server versions <= 1.5 are vulnerable to a path traversal flaw that allows unauthenticated remote attackers to read arbitrary files from the server’s file… | |
| CVE-2012-10062 | NONE | — | 2025-08-30 | A vulnerability in XAMPP, developed by Apache Friends, version 1.7.3's default WebDAV configuration allows remote authenticated attackers to upload and execute arbitrary PH… | |
| CVE-2012-10063 | CRITICAL | Patched | 9.8 | 2025-10-30 | Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core Configuration Manager (CCM) interface. Authenticated users could manipulate SQ… |
| CVE-2012-10064 | NONE | — | 2026-01-16 | Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secu… | |
| CVE-2013-10031 | HIGH | Patched | 7.5 | 2025-12-09 | Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks |
| CVE-2013-10032 | HIGH | 8.8 | 2025-07-25 | An authenticated remote code execution vulnerability exists in GetSimpleCMS version 3.2.1. The application’s upload.php endpoint allows authenticated users to upload arbitr… | |
| CVE-2013-10033 | NONE | — | 2025-07-31 | An unauthenticated SQL injection vulnerability exists in Kimai version 0.9.2.x via the db_restore.php endpoint. The flaw allows attackers to inject arbitrary SQL queries in… | |
| CVE-2013-10034 | NONE | Patched | — | 2025-07-31 | An unrestricted file upload vulnerability exists in Kaseya KServer versions prior to 6.3.0.2. The uploadImage.asp endpoint allows unauthenticated users to upload files to a… |
| CVE-2013-10035 | NONE | — | 2025-07-31 | A code injection vulnerability exists in ProcessMaker Open Source versions 2.x when using the default 'neoclassic' skin. An authenticated user can execute arbitrary PHP cod… | |
| CVE-2013-10036 | NONE | — | 2025-07-31 | A stack-based buffer overflow vulnerability exists in Beetel Connection Manager version PCW_BTLINDV1.0.0B04 when parsing the UserName parameter in the NetConfig.ini configu… | |
| CVE-2013-10037 | NONE | — | 2025-07-31 | An OS command injection vulnerability exists in WebTester version 5.x via the install2.php installation script. The parameters cpusername, cppassword, and cpdomain are pass… | |
| CVE-2013-10038 | NONE | — | 2025-07-31 | An unauthenticated arbitrary file upload vulnerability exists in FlashChat versions 6.0.2 and 6.0.4 through 6.0.8. The upload.php endpoint fails to properly validate file t… | |
| CVE-2013-10039 | NONE | — | 2025-07-31 | A command injection vulnerability exists in GestioIP 3.0 commit ac67be and earlier in ip_checkhost.cgi. Crafted input to the 'ip' parameter allows attackers to execute arbi… | |
| CVE-2013-10040 | CRITICAL | Patched | 9.8 | 2025-07-31 | ClipBucket version 2.6 and earlier contains a critical vulnerability in the ofc_upload_image.php script located at /admin_area/charts/ofc-library/. This endpoint allows una… |
| CVE-2013-10041 | NONE | — | 2026-04-22 | Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | |
| CVE-2013-10042 | CRITICAL | Patched | 9.8 | 2025-07-31 | A stack-based buffer overflow vulnerability exists in freeFTPd version 1.0.10 and earlier in the handling of the FTP PASS command. When an attacker sends a specially crafte… |