CVEs from 2012
Total
5,200
critical
critical 963
high
high 747
medium
medium 2,885
low
low 530
% Critical
18.5%
% with KEV
0.4%
% with exploit
3.2%
Top vendors
Top products
- chrome 7,005
- safari 6,451
- itunes 4,416
- firefox 4,272
- seamonkey 3,619
- opera_browser 3,599
- mysql 2,827
- thunderbird 2,165
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-4869 | high | — | 8.5 | 14y ago | The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action. | |||
| CVE-2012-3009 | high | — | 8.5 | 14y ago | Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls. | |||
| CVE-2012-3951 | high | — | 8.5 | 14y ago | The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows r… | |||
| CVE-2012-3008 | high | — | 8.5 | 14y ago | Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associa… | |||
| CVE-2012-3399 | high | — | 8.5 | 14y ago | Config/diff.php in Basilic 1.5.14 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter. | |||
| CVE-2012-2763 | high | — | 8.5 | 14y ago | Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long st… | |||
| CVE-2012-1667 | high | — | 8.5 | 14y ago | ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, wh… | |||
| CVE-2012-1675 | high | — | 8.5 | 14y ago | The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite,… | |||
| CVE-2012-0549 | high | — | 8.5 | 14y ago | Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20.1.1 allows remote attackers to affect confidentiality, integrity, and availability, related t… | |||
| CVE-2012-2441 | high | — | 8.5 | 14y ago | RuggedCom Rugged Operating System (ROS) before 3.3 has a factory account with a password derived from the MAC Address field in a banner, which makes it easier for remote attackers to obtain access by… | |||
| CVE-2012-1222 | high | — | 8.5 | 15y ago | Stack-based buffer overflow in RabidHamster R2/Extreme 1.65 and earlier allows remote authenticated users to execute arbitrary code via a long string to TCP port 23. | |||
| CVE-2012-1195 | high | — | 8.5 | 15y ago | Unrestricted file upload vulnerability in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to… | |||
| CVE-2012-0992 | high | — | 8.5 | 15y ago | interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the file parameter. | |||
| CVE-2012-1867 | high | 8.4 | 8.4 | 14y ago | Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold … | |||
| CVE-2012-0157 | high | 8.4 | 8.4 | 14y ago | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not pro… | |||
| CVE-2012-5458 | high | — | 8.3 | 14y ago | VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a cra… | |||
| CVE-2012-3703 | high | — | 8.3 | 14y ago | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differe… | |||
| CVE-2012-4297 | high | — | 8.3 | 14y ago | Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote a… | |||
| CVE-2012-3074 | high | — | 8.3 | 14y ago | An unspecified API on Cisco TelePresence Immersive Endpoint Devices before 1.9.1 allows remote attackers to execute arbitrary commands by leveraging certain adjacency and sending a malformed request … | |||
| CVE-2012-2486 | high | — | 8.3 | 14y ago | The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1… | |||
| CVE-2012-2004 | high | — | 8.3 | 14y ago | Open redirect vulnerability in HP Insight Management Agents before 9.0.0.0 on Windows Server 2003 and 2008 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attack… | |||
| CVE-2012-2002 | high | — | 8.3 | 14y ago | Open redirect vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||
| CVE-2012-1518 | high | — | 8.3 | 14y ago | VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware To… | |||
| CVE-2012-1515 | high | — | 8.3 | 14y ago | VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in… | |||
| CVE-2012-5879 | high | — | 8.2 | 13y ago | An ActiveX control in McHealthCheck.dll in McAfee Virtual Technician (MVT) and ePO-MVT 6.5.0.2101 and earlier allows remote attackers to modify or create arbitrary files via a full pathname argument … | |||
| CVE-2012-5519 | high | — | 8.2 | 14y ago | CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local use… | |||
| CVE-2012-3485 | high | — | 8.2 | 14y ago | Tunnelblick 3.3beta20 and earlier relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via… | |||
| CVE-2012-0217 | high | — | 8.2 | 14y ago | The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent Sm… | |||
| CVE-2012-5010 | high | 8.1 | 8.1 | 9y ago | ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.4.x before 9.4.1 Interim, 9.2.x before 9.2.4 Interim, ASA 5510 Adaptive Security Appliance Adaptive Security Applia… | |||
| CVE-2012-6530 | high | — | 8.1 | 14y ago | Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted reques… | |||
| CVE-2012-1539 | high | 8.1 | 8.1 | 14y ago | Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability." | |||
| CVE-2012-1879 | high | 8.1 | 8.1 | 14y ago | Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "… | |||
| CVE-2012-5484 | high | — | 7.9 | 14y ago | The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedur… | |||
| CVE-2012-4856 | high | — | 7.9 | 14y ago | The Service Processor in the IBM Power 5 91##-### and 940#-### before SF240_418_382 does not ensure that firewall code is executed, which allows remote attackers to execute arbitrary code via unspeci… | |||
| CVE-2012-5459 | high | — | 7.9 | 14y ago | Untrusted search path vulnerability in VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows allows host OS users to gain host OS privileges via a Trojan horse DLL in a "s… | |||
| CVE-2012-2519 | high | — | 7.9 | 14y ago | Untrusted search path vulnerability in Entity Framework in ADO.NET in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, and 4 allows local users to gain privileges via a Trojan horse DL… | |||
| CVE-2012-0400 | high | — | 7.9 | 14y ago | EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the number of failed authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. | |||
| CVE-2012-0870 | high | — | 7.9 | 15y ago | Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on the BlackBerry PlayBook tablet before 2.0.0.7971 and other products, allows remote attackers to ca… | |||
| CVE-2012-5361 | high | 7.8 | 7.8 | 9y ago | Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted WMV file. | |||
| CVE-2012-6704 | high | 7.8 | 7.8 | 10y ago | The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory cor… | |||
| CVE-2012-6703 | high | 7.8 | 7.8 | 10y ago | Integer overflow in the snd_compr_allocate_buffer function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial… | |||
| CVE-2012-6701 | high | 7.8 | 7.8 | 10y ago | Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. | |||
| CVE-2012-6689 | high | 7.8 | 7.8 | 10y ago | The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux kernel before 3.5.5 does not validate the dst_pid field, which allows local users to have an unspecified impact by spoofing Netli… | |||
| CVE-2012-6636 | medium | — | 7.8 | 12y ago | The Android API before 17 does not properly restrict the WebView.addJavascriptInterface method, which allows remote attackers to execute arbitrary methods of Java objects by using the Java Reflection… | |||
| CVE-2012-6638 | high | — | 7.8 | 13y ago | The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN … | |||
| CVE-2012-0425 | high | — | 7.8 | 13y ago | LanItems.ycp in save_y2logs in yast2-network before 2.24.4 in SUSE YaST writes cleartext Wi-Fi credentials to the y2log log file, which allows context-dependent attackers to obtain sensitive informat… | |||
| CVE-2012-4714 | high | — | 7.8 | 13y ago | Integer overflow in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attac… | |||
| CVE-2012-4713 | high | — | 7.8 | 13y ago | Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remo… | |||
| CVE-2012-4684 | high | — | 7.8 | 13y ago | The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 supports different character representations of the same signature data, but relies on a hash of this signature, which allows remote at… | |||
| CVE-2012-5213 | high | — | 7.8 | 13y ago | Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to obtain sensitive … | |||
| CVE-2012-4706 | high | — | 7.8 | 13y ago | Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow. | |||
| CVE-2012-6326 | high | — | 7.8 | 13y ago | VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial of service (disk consumption) via vectors that trigger large… | |||
| CVE-2012-3281 | high | — | 7.8 | 14y ago | Unspecified vulnerability in Device Manager in HP XP P9000 Command View Advanced Edition before 7.4.0-00 allows remote attackers to cause a denial of service via unknown vectors. | |||
| CVE-2012-6442 | high | — | 7.8 | 14y ago | When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the product to reset,… | |||
| CVE-2012-6438 | high | — | 7.8 | 14y ago | The device does not properly validate the data being sent to the buffer. An attacker can send a malformed CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP, which creates … | |||
| CVE-2012-6436 | high | — | 7.8 | 14y ago | The device does not properly validate the data being sent to the buffer. An attacker can send a malformed CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP, which creates … | |||
| CVE-2012-6435 | high | — | 7.8 | 14y ago | When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the CPU to stop logic… | |||
| CVE-2012-5419 | high | — | 7.8 | 14y ago | Cisco Adaptive Security Appliance (ASA) software 8.7.1 and 8.7.1.1 for the Cisco ASA 1000V Cloud Firewall allows remote attackers to cause a denial of service (device reload) via a malformed H.225 H.… | |||
| CVE-2012-6427 | high | — | 7.8 | 14y ago | The Carlo Gavazzi EOS-Box does not check the validity of the data before executing queries. By accessing the SQL table of certain pages that do not require authentication, attackers can leak inform… | |||
| CVE-2012-5688 | high | — | 7.8 | 14y ago | ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. | |||
| CVE-2012-5174 | high | — | 7.8 | 14y ago | The KYOCERA AH-K3001V, AH-K3002V, WX300K, WX310K, WX320K, and WX320KR devices allow remote attackers to cause a denial of service (persistent reboot) via an e-mail message in an invalid format. | |||
| CVE-2012-5861 | high | — | 7.8 | 14y ago | These Sinapsi devices do not check the validity of the data before executing queries. By accessing the SQL table of certain pages that do not require authentication within the device, attackers can… | |||
| CVE-2012-5758 | high | — | 7.8 | 14y ago | The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2 does not require authentication for an unspecified interface, which allows remote attackers to cause a d… | |||
| CVE-2012-2619 | high | — | 7.8 | 14y ago | The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cau… | |||
| CVE-2012-1813 | high | — | 7.8 | 14y ago | eosfailoverservice.exe in C3-ilex EOScada before 11.0.19.2 allows remote attackers to cause a denial of service by sending a large amount of data to TCP port 12000. | |||
| CVE-2012-1811 | high | — | 7.8 | 14y ago | EOSDataServer.exe in C3-ilex EOScada before 11.0.19.2 allows remote attackers to cause a denial of service by sending a large amount of data to TCP port 24006. | |||
| CVE-2012-5416 | high | — | 7.8 | 14y ago | Buffer overflow in Cisco Unified MeetingPlace Web Conferencing before 7.1MR1 Patch 1, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 allows remote attackers to cause a denial of service (daemon han… | |||
| CVE-2012-4660 | high | — | 7.8 | 14y ago | The SIP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.2 before 8.2(5.17… | |||
| CVE-2012-2167 | high | — | 7.8 | 14y ago | The IBM XIV Storage System Gen3 before 11.1.0.a allows remote attackers to cause a denial of service (device outage) via TCP packets to unspecified ports. | |||
| CVE-2012-3210 | high | — | 7.8 | 14y ago | Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability via unknown vectors related to Kernel. | |||
| CVE-2012-3189 | high | — | 7.8 | 14y ago | Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability, related to COMSTAR. | |||
| CVE-2012-5166 | high | — | 7.8 | 14y ago | ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via u… | |||
| CVE-2012-3549 | high | — | 7.8 | 14y ago | The SCTP implementation in FreeBSD 8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted ASCONF chunk. | |||
| CVE-2012-1153 | medium | — | 7.8 | 14y ago | Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable exte… | |||
| CVE-2012-3412 | high | — | 7.8 | 14y ago | The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafte… | |||
| CVE-2012-5049 | high | — | 7.8 | 14y ago | APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | |||
| CVE-2012-5048 | high | — | 7.8 | 14y ago | APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted packet. | |||
| CVE-2012-4623 | high | — | 7.8 | 14y ago | The DHCPv6 server in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x, 3.1.xS before 3.1.4S, 3.1.xSG and 3.2.xSG before 3.2.5SG, 3.2.xS, 3.2.xXO, 3.3.xS, and 3.3.xSG b… | |||
| CVE-2012-4621 | high | — | 7.8 | 14y ago | The Device Sensor feature in Cisco IOS 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via a DHCP packet, aka Bug ID CSCty96049. | |||
| CVE-2012-4620 | high | — | 7.8 | 14y ago | Cisco IOS 12.2 and 15.0 through 15.2 on Cisco 10000 series routers, when a tunnel interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via tunneled (1) GRE/I… | |||
| CVE-2012-4619 | high | — | 7.8 | 14y ago | The NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtr46123. | |||
| CVE-2012-4618 | high | — | 7.8 | 14y ago | The SIP ALG feature in the NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CS… | |||
| CVE-2012-3949 | high | — | 7.8 | 14y ago | The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2… | |||
| CVE-2012-2897 | high | 7.8 | 7.8 | 14y ago | The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 201… | |||
| CVE-2012-4014 | high | — | 7.8 | 14y ago | Unspecified vulnerability in McAfee Email Anti-virus (formerly WebShield SMTP) allows remote attackers to cause a denial of service via unknown vectors. | |||
| CVE-2012-3011 | high | — | 7.8 | 14y ago | Directory traversal vulnerability in the web server in Fultek WinTr Scada 4.0.5 and earlier allows remote attackers to read arbitrary files via a crafted request. | |||
| CVE-2012-5002 | medium | — | 7.8 | 14y ago | Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a… | |||
| CVE-2012-3079 | high | — | 7.8 | 14y ago | Cisco IOS 12.2 allows remote attackers to cause a denial of service (CPU consumption) by establishing many IPv6 neighbors, aka Bug ID CSCtn78957. | |||
| CVE-2012-3060 | high | — | 7.8 | 14y ago | Cisco Unity Connection (UC) 8.6, 9.0, and 9.5 allows remote attackers to cause a denial of service (CPU consumption) via malformed UDP packets, aka Bug ID CSCtz76269. | |||
| CVE-2012-4244 | high | — | 7.8 | 14y ago | ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and na… | |||
| CVE-2012-4629 | high | — | 7.8 | 14y ago | The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to caus… | |||
| CVE-2012-3935 | high | — | 7.8 | 14y ago | Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted … | |||
| CVE-2012-3012 | high | — | 7.8 | 14y ago | The Arbiter Power Sentinel 1133A device with firmware before 11Jun2012 Rev 421 allows remote attackers to cause a denial of service (Ethernet outage) via unspecified Ethernet traffic that fills a buf… | |||
| CVE-2012-3252 | high | — | 7.8 | 14y ago | Unspecified vulnerability in HP Serviceguard A.11.19 and A.11.20 allows remote attackers to cause a denial of service via unknown vectors. | |||
| CVE-2012-4335 | high | — | 7.8 | 14y ago | Samsung NET-i viewer 1.37.120316 allows remote attackers to cause a denial of service (infinite loop) via a negative size value in a TCP request to (1) NiwMasterService or (2) NiwStorageService. NOT… | |||
| CVE-2012-4330 | high | — | 7.8 | 14y ago | The Samsung D6000 TV and possibly other products allows remote attackers to cause a denial of service (crash) via a long string in certain fields, as demonstrated by the MAC address field, possibly a… | |||
| CVE-2012-4329 | high | — | 7.8 | 14y ago | The Samsung D6000 TV and possibly other products allow remote attackers to cause a denial of service (continuous restart) via a crafted controller name. | |||
| CVE-2012-2744 | high | — | 7.8 | 14y ago | net/ipv6/netfilter/nf_conntrack_reasm.c in the Linux kernel before 2.6.34, when the nf_conntrack_ipv6 module is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference… | |||
| CVE-2012-1350 | high | — | 7.8 | 14y ago | Cisco IOS 12.3 and 12.4 on Aironet access points allows remote attackers to cause a denial of service (radio-interface input-queue hang) via IAPP 0x3281 packets, aka Bug ID CSCtc12426. | |||
| CVE-2012-2472 | high | — | 7.8 | 14y ago | Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 and 8.4, when SIP inspection is enabled, create many identical pre-allocated secondary pinholes, which might allow remot… |