CVE Vulnerability Database

Search and browse 284 known security vulnerabilities. Filter by severity, vendor, product, and year.

284 vulnerabilities found
Recent Highest Score Oldest
Year: earlier × Clear all
CVE-2015-2177
7.5 high

Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TCP port 102 or (2) Profibus.

Siemens Simatic S7-300 Cpu Firmware Mar 7, 2015
CVE-2014-3566
3.4 low

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

Redhat Enterprise Linux Oct 15, 2014
CVE-2014-5455
5.3 medium

Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder.

Openvpn Openvpn Aug 25, 2014
CVE-2014-2653
6.5 medium

The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

Openbsd Openssh Mar 27, 2014
CVE-2014-2532
4.2 medium

sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.

Oracle Communications User Data Repository Mar 18, 2014
CVE-2014-0759
5.9 medium

Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

Schneider-Electric Floating License Manager Feb 28, 2014
CVE-2011-4327
5.5 medium

ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

Openbsd Openssh Feb 3, 2014
CVE-2014-1692
7.3 high

The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors tha

Openbsd Openssh Jan 29, 2014
CVE-2013-4734
7.3 high

dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier for attackers to obtain non-administrative access via unspecified vectors.

Digital Alert Systems Dasdec Eas Jun 30, 2013
CVE-2013-4733
7.5 high

The web server on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 allows remote attackers to obtain sensitive configuration and status information by reading log files.

Digital Alert Systems Dasdec Eas Jun 30, 2013
CVE-2013-1609
6.8 medium

Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program.

Symantec Enterprise Vault For File System Archiving Mar 26, 2013
CVE-2013-2566
5.9 medium

The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.

Oracle Communications Application Session Controller Mar 15, 2013
CVE-2010-5107
7.5 high

The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

Openbsd Openssh Mar 7, 2013
CVE-2012-6442
7.5 high

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the product to reset, a DoS can occur. This situation could cause loss of availability and a disruption of communication w

Rockwellautomation Ethernet\/Ip Firmware Jan 24, 2013
CVE-2012-6440
4.8 medium

The Web server password authentication mechanism used by the products is vulnerable to a MitM and Replay attack. Successful exploitation of this vulnerability will allow unauthorized access of the product’s Web server to view and alter product configuration and diagnostics information. Rockwell A

Rockwellautomation Controllogix Controllers Jan 24, 2013
CVE-2012-6438
7.5 high

The device does not properly validate the data being sent to the buffer. An attacker can send a malformed CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP, which creates a buffer overflow and causes the NIC to crash. Successful exploitation of this vulnerability could ca

Rockwellautomation Controllogix Controllers Jan 24, 2013
CVE-2012-6437
9.8 critical

The device does not properly authenticate users and the potential exists for a remote user to upload a new firmware image to the Ethernet card, whether it is a corrupt or legitimate firmware image. Successful exploitation of this vulnerability could cause loss of availability, integrity, and confide

Rockwellautomation Controllogix Controllers Jan 24, 2013
CVE-2012-6436
7.5 high

The device does not properly validate the data being sent to the buffer. An attacker can send a malformed CIP packet to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP, which creates a buffer overflow and causes the CPU to crash. Successful exploitation of this vulnerability could ca

Rockwellautomation Controllogix Controllers Jan 24, 2013
CVE-2012-6435
7.5 high

When an affected product receives a valid CIP message from an unauthorized or unintended source to Port 2222/TCP, Port 2222/UDP, Port 44818/TCP, or Port 44818/UDP that instructs the CPU to stop logic execution and enter a fault state, a DoS can occur. This situation could cause loss of availability

Rockwellautomation Controllogix Controllers Jan 24, 2013
CVE-2012-0814
3.5 low

The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accoun

Openbsd Openssh Jan 27, 2012
CVE-2011-0539
7.5 high

The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct has

Openbsd Openssh Feb 10, 2011
CVE-2010-4478
9.8 critical

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a rel

Openbsd Openssh Dec 6, 2010
CVE-2010-3190
7.8 high

Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3, 2013, and 2013 allows local users to gain privil

Apple Itunes Aug 31, 2010
CVE-2010-2965
9.8 critical

The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via re

Rockwellautomation 1756-Enbt\/A Firmware Aug 5, 2010