CVE-2012-0xxx

There are 936 CVE in this subgroup.
Last updated: 
← Back to 2012
ID Summary Flags Max Score
CVE-2012-0001 The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2...
CVE-2012-0002 The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server...
CVE-2012-0003 Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) i...
CVE-2012-0004 Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Serv...
CVE-2012-0005 The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 ...
CVE-2012-0006 The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 does not pro...
CVE-2012-0007 The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 does not properly evaluate cha...
CVE-2012-0008 Untrusted search path vulnerability in Microsoft Visual Studio 2008 SP1, 2010, and 2010 SP1 allows l...
CVE-2012-0009 Untrusted search path vulnerability in the Windows Object Packager configuration in Microsoft Window...
CVE-2012-0010 Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which a...
S
CVE-2012-0011 Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows rem...
S
CVE-2012-0012 Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string obj...
S
CVE-2012-0013 Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2...
CVE-2012-0014 Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4, and Silverlight 4 before 4.1.10111, does not properl...
CVE-2012-0015 Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate the length of an unspecified ...
CVE-2012-0016 Untrusted search path vulnerability in Microsoft Expression Design; Expression Design SP1; and Expre...
CVE-2012-0017 Cross-site scripting (XSS) vulnerability in inplview.aspx in Microsoft SharePoint Foundation 2010 Go...
CVE-2012-0018 Microsoft Visio Viewer 2010 Gold and SP1 does not properly validate attributes in Visio files, which...
CVE-2012-0019 Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files...
CVE-2012-0020 Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files...
CVE-2012-0021 The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2...
S
CVE-2012-0022 Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient appr...
CVE-2012-0023 Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC med...
S
CVE-2012-0024 MaraDNS before 1.3.07.12 and 1.4.x before 1.4.08 computes hash values for DNS data without restricti...
S
CVE-2012-0025 Double free vulnerability in the Free_All_Memory function in jpeg/dectile.c in libfpx before 1.3.1-1...
E
CVE-2012-0026 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0287. Reason: This candida...
R
CVE-2012-0027 The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST bl...
CVE-2012-0028 The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes...
E S
CVE-2012-0029 Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qe...
CVE-2012-0030 Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass acc...
S
CVE-2012-0031 scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial ...
E
CVE-2012-0032 Red Hat JBoss Operations Network (JON) before 3.0.1 uses 0777 permissions for the root directory whe...
CVE-2012-0033 The CBounceDCCMod::OnPrivCTCP function in bouncedcc.cpp in the bouncedcc module in ZNC 0.200 and 0.2...
CVE-2012-0034 The NonManagedConnectionFactory in JBoss Enterprise Application Platform (EAP) 5.1.2 and 5.2.0, Web ...
CVE-2012-0035 Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 a...
S
CVE-2012-0036 curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of...
S
CVE-2012-0037 Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice bef...
E S
CVE-2012-0038 Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3....
S
CVE-2012-0039 GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restrict...
CVE-2012-0040 Cross-site scripting (XSS) vulnerability in modules/core/www/no_cookie.php in SimpleSAMLphp 1.8.1 an...
CVE-2012-0041 The dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5...
E S
CVE-2012-0042 Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conver...
E S
CVE-2012-0043 Buffer overflow in the reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissec...
E S
CVE-2012-0044 Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct ...
S
CVE-2012-0045 The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel befo...
E S
CVE-2012-0046 mediawiki allows deleted text to be exposed...
CVE-2012-0047 Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.20 allows remote attacker...
CVE-2012-0048 OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a denial of service (game pause) by con...
E S
CVE-2012-0049 OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joinin...
S
CVE-2012-0050 OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers...
CVE-2012-0051 Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or...
E
CVE-2012-0052 Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 does not check the JON ag...
CVE-2012-0053 protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header informat...
S
CVE-2012-0054 libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used in ...
CVE-2012-0055 OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing...
E S
CVE-2012-0056 The mem_write function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly ch...
CVE-2012-0057 PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arb...
S
CVE-2012-0058 The kiocb_batch_free function in fs/aio.c in the Linux kernel before 3.2.2 allows local users to cau...
S
CVE-2012-0059 Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 includes cleartext user passwords...
CVE-2012-0060 RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a ...
CVE-2012-0061 The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags...
CVE-2012-0062 Red Hat JBoss Operations Network (JON) before 2.4.2 and 3.0.x before 3.0.1 allows remote attackers t...
CVE-2012-0063 Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man...
CVE-2012-0064 xkeyboard-config before 2.5 in X.Org before 7.6 enables certain XKB debugging functions by default, ...
CVE-2012-0065 Heap-based buffer overflow in the receive_packet function in libusbmuxd/libusbmuxd.c in usbmuxd 1.0....
S
CVE-2012-0066 Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of se...
E S
CVE-2012-0067 wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to...
E S
CVE-2012-0068 The lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before...
CVE-2012-0069 SQL injection vulnerability in ajax.php in Batavi before 1.2.1 allows remote attackers to execute ar...
CVE-2012-0070 spamdyke prior to 4.2.1: STARTTLS reveals plaintext...
CVE-2012-0071 Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Mi...
S
CVE-2012-0072 Unspecified vulnerability in the Listener component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10...
CVE-2012-0073 Unspecified vulnerability in the Oracle Forms component in Oracle E-Business Suite 11.5.10.2 allows ...
CVE-2012-0074 Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft Products 8...
CVE-2012-0075 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allo...
CVE-2012-0076 Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9...
CVE-2012-0077 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4,...
CVE-2012-0078 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
CVE-2012-0079 Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows remote attackers to affect integrity ...
CVE-2012-0080 Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9...
CVE-2012-0081 Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.1.1 allows local users to affect c...
CVE-2012-0082 Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, ...
CVE-2012-0083 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5....
CVE-2012-0084 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5....
CVE-2012-0085 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5....
CVE-2012-0086 Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Mi...
S
CVE-2012-0087 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remot...
CVE-2012-0088 Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 8...
CVE-2012-0089 Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9...
CVE-2012-0090 Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Mi...
S
CVE-2012-0091 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2012-0092 Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Mi...
S
CVE-2012-0093 Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Mi...
S
CVE-2012-0094 Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows remote attackers to affect ...
CVE-2012-0095 Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Mi...
S
CVE-2012-0096 Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affe...
CVE-2012-0097 Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect confidentiality ...
CVE-2012-0098 Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect av...
CVE-2012-0099 Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows remote attackers to affect ...
CVE-2012-0100 Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect confi...
CVE-2012-0101 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remot...
CVE-2012-0102 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remot...
CVE-2012-0103 Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via...
CVE-2012-0104 Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attack...
CVE-2012-0105 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows ...
CVE-2012-0106 Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Mi...
S
CVE-2012-0107 Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Mi...
S
CVE-2012-0108 Unspecified vulnerability in the Oracle Imaging and Process Management component in Oracle Fusion Mi...
S
CVE-2012-0109 Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect co...
CVE-2012-0110 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2012-0111 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows ...
CVE-2012-0112 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remot...
CVE-2012-0113 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remot...
CVE-2012-0114 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allo...
CVE-2012-0115 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remot...
CVE-2012-0116 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remot...
CVE-2012-0117 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenti...
CVE-2012-0118 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remot...
CVE-2012-0119 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remot...
CVE-2012-0120 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remot...
CVE-2012-0121 Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.0...
CVE-2012-0122 Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.0...
CVE-2012-0123 Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.0...
CVE-2012-0124 Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.0...
CVE-2012-0125 Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.31 allows local users to obtain ...
CVE-2012-0126 Unspecified vulnerability in the WBEM implementation in HP HP-UX 11.11 and 11.23 allows remote attac...
CVE-2012-0127 Unspecified vulnerability in HP Performance Manager 9.00 allows remote attackers to execute arbitrar...
CVE-2012-0128 HP Onboard Administrator (OA) before 3.50 allows remote attackers to redirect users to arbitrary web...
CVE-2012-0129 HP Onboard Administrator (OA) before 3.50 allows remote attackers to bypass intended access restrict...
CVE-2012-0130 HP Onboard Administrator (OA) before 3.50 allows remote attackers to obtain sensitive information vi...
CVE-2012-0131 Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX B.11.11 and B.11.23 allows remote at...
CVE-2012-0132 Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 9.01 allows remote...
CVE-2012-0133 HP ProCurve 5400 zl switches with certain serial numbers include a compact flash card that contains ...
CVE-2012-0134 Unspecified vulnerability in HP OpenVMS 7.3-2 on the Alpha platform, 8.3 and 8.4 on the Alpha and IA...
CVE-2012-0135 Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authentica...
CVE-2012-0136 Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files...
CVE-2012-0137 Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files...
CVE-2012-0138 Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files...
CVE-2012-0139 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0140 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0141 Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2011 for Mac; Excel Viewer...
CVE-2012-0142 Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 for Mac; Excel Viewer...
CVE-2012-0143 Microsoft Excel 2003 SP3 and Office 2008 for Mac do not properly handle memory during the opening of...
CVE-2012-0144 Cross-site scripting (XSS) vulnerability in themeweb.aspx in Microsoft Office SharePoint Server 2010...
CVE-2012-0145 Cross-site scripting (XSS) vulnerability in wizardlist.aspx in Microsoft Office SharePoint Server 20...
CVE-2012-0146 Open redirect vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Upd...
CVE-2012-0147 Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 does not properly configu...
CVE-2012-0148 afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windo...
CVE-2012-0149 afd.sys in the Ancillary Function Driver in Microsoft Windows Server 2003 SP2 does not properly vali...
CVE-2012-0150 Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP...
CVE-2012-0151 The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server...
KEV S
CVE-2012-0152 The Remote Desktop Protocol (RDP) service in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows...
CVE-2012-0153 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0154 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an...
CVE-2012-0155 Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attack...
S
CVE-2012-0156 DirectWrite in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 G...
CVE-2012-0157 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2012-0158 The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in...
KEV S
CVE-2012-0159 Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP...
CVE-2012-0160 Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly...
CVE-2012-0161 Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly...
CVE-2012-0162 Microsoft .NET Framework 4 does not properly allocate buffers, which allows remote attackers to exec...
CVE-2012-0163 Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validat...
CVE-2012-0164 Microsoft .NET Framework 4 does not properly compare index values, which allows remote attackers to ...
CVE-2012-0165 GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2 and Office 2003 SP3, 2007 SP2 and SP3, and 2...
CVE-2012-0166 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0167 Heap-based buffer overflow in the Office GDI+ library in Microsoft Office 2003 SP3 and 2007 SP2 and ...
CVE-2012-0168 Microsoft Internet Explorer 6 through 9 allows user-assisted remote attackers to execute arbitrary c...
S
CVE-2012-0169 Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attack...
S
CVE-2012-0170 Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote ...
CVE-2012-0171 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows rem...
S
CVE-2012-0172 Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows rem...
CVE-2012-0173 The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server...
CVE-2012-0174 Windows Firewall in tcpip.sys in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP...
CVE-2012-0175 The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows S...
CVE-2012-0176 Double free vulnerability in Microsoft Silverlight 4 before 4.1.10329 on Windows allows remote attac...
CVE-2012-0177 Heap-based buffer overflow in the Office Works File Converter in Microsoft Office 2007 SP2, Works 9,...
CVE-2012-0178 Race condition in partmgr.sys in Windows Partition Manager in Microsoft Windows Vista SP2, Windows S...
CVE-2012-0179 Double free vulnerability in tcpip.sys in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 ...
CVE-2012-0180 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2012-0181 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2012-0182 Microsoft Word 2007 SP2 and SP3 does not properly handle memory during the parsing of Word documents...
CVE-2012-0183 Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility...
CVE-2012-0184 Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Exc...
CVE-2012-0185 Heap-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 Gold and SP1, Excel Viewer, ...
CVE-2012-0186 Directory traversal vulnerability in the Eclipse Help component in IBM Lotus Expeditor 6.1.x and 6.2...
CVE-2012-0187 Untrusted search path vulnerability in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security P...
CVE-2012-0188 Unspecified vulnerability in the SetLicenseInfoEx method in an ActiveX control in mraboutb.dll in IB...
CVE-2012-0189 Multiple unspecified vulnerabilities in the (1) PrintFile and (2) SaveDoc methods in the VsVIEW6 Act...
CVE-2012-0190 Unspecified vulnerability in the Render method in the ExportHTML.ocx ActiveX control in ExportHTML.d...
CVE-2012-0191 The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack does not prope...
CVE-2012-0192 Multiple integer overflows in vclmi.dll in the visual class library module in IBM Lotus Symphony bef...
CVE-2012-0193 IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.43, 6.1 before 6.1.0.43, 7.0 before 7.0.0.2...
S
CVE-2012-0194 The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large Send Offload option is enabled, ...
S
CVE-2012-0195 Cross-site scripting (XSS) vulnerability in the Start Center Layout and Configuration component in I...
CVE-2012-0198 Stack-based buffer overflow in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control in ...
CVE-2012-0199 Multiple SQL injection vulnerabilities in IBM Tivoli Provisioning Manager Express for Software Distr...
CVE-2012-0200 The server in IBM solidDB 6.5 before Interim Fix 6 does not properly initialize data structures, whi...
CVE-2012-0201 Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before ...
E
CVE-2012-0202 Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x an...
CVE-2012-0203 Cross-site scripting (XSS) vulnerability in InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in I...
CVE-2012-0204 Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSpher...
CVE-2012-0205 InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 be...
CVE-2012-0206 common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 a...
S
CVE-2012-0207 The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote atta...
E S
CVE-2012-0208 Unspecified vulnerability in the Oracle Grid Engine component in Oracle Sun Products Suite 6.1 and 6...
CVE-2012-0209 Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by ...
E S
CVE-2012-0210 debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to o...
CVE-2012-0211 debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to e...
CVE-2012-0212 debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to e...
CVE-2012-0213 The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and ...
CVE-2012-0214 The pkgAcqMetaClearSig::Failed method in apt-pkg/acquire-item.cc in Advanced Package Tool (APT) 0.8....
CVE-2012-0215 model/modelstorage.py in the Tryton application framework (trytond) before 2.4.0 for Python does not...
E S
CVE-2012-0216 The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze...
CVE-2012-0217 The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6....
E
CVE-2012-0218 Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler for a syscall or sysenter inst...
S
CVE-2012-0219 Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 throu...
S
CVE-2012-0220 Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin (Plugin/meta.pm) in ikiwiki b...
CVE-2012-0221 The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 t...
CVE-2012-0222 The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 t...
CVE-2012-0223 Untrusted search path vulnerability in 7-Technologies (7T) TERMIS 2.10 and earlier allows local user...
S
CVE-2012-0224 Untrusted search path vulnerability in 7-Technologies (7T) AQUIS 1.5 and earlier allows local users ...
S
CVE-2012-0225 Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 a...
CVE-2012-0226 SQL injection vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote ...
CVE-2012-0227 Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in O...
E
CVE-2012-0228 Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, ...
CVE-2012-0229 The Data Archiver service in GE Intelligent Platforms Proficy Historian 4.5 and earlier allows remot...
CVE-2012-0230 PRRDS.exe in the Proficy Remote Data Service in GE Intelligent Platforms Proficy Plant Applications ...
CVE-2012-0231 PRLicenseMgr.exe in the Proficy Server License Manager in GE Intelligent Platforms Proficy Plant App...
CVE-2012-0232 Directory traversal vulnerability in rifsrvd.exe in the Remote Interface Service in GE Intelligent P...
CVE-2012-0233 Cross-site scripting (XSS) vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote at...
CVE-2012-0234 SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to ex...
S
CVE-2012-0235 Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess before 7.0 allows re...
S
CVE-2012-0236 Advantech/BroadWin WebAccess 7.0 and earlier allows remote attackers to obtain sensitive information...
S
CVE-2012-0237 Advantech/BroadWin WebAccess before 7.0 allows remote attackers to (1) enable date and time syncing ...
CVE-2012-0238 Stack-based buffer overflow in opcImg.asp in Advantech/BroadWin WebAccess before 7.0 allows remote a...
S
CVE-2012-0239 uaddUpAdmin.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authentication,...
S
CVE-2012-0240 GbScriptAddUp.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authenticatio...
S
CVE-2012-0241 Advantech/BroadWin WebAccess before 7.0 allows remote attackers to cause a denial of service (memory...
S
CVE-2012-0242 Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to ex...
S
CVE-2012-0243 Buffer overflow in an ActiveX control in bwocxrun.ocx in Advantech/BroadWin WebAccess before 7.0 all...
S
CVE-2012-0244 Multiple SQL injection vulnerabilities in Advantech/BroadWin WebAccess before 7.0 allow remote attac...
S
CVE-2012-0245 Multiple stack-based buffer overflows in RobNetScanHost.exe in ABB Robot Communications Runtime befo...
S
CVE-2012-0246 Directory traversal vulnerability in an unspecified ActiveX control in Ecava IntegraXor before 3.71....
CVE-2012-0247 ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corrupt...
S
CVE-2012-0248 ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop ...
S
CVE-2012-0249 Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation i...
E S
CVE-2012-0250 Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attac...
CVE-2012-0253 Multiple cross-site scripting (XSS) vulnerabilities in Demand Media Pluck SiteLife before 5.0.13 all...
E
CVE-2012-0254 Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL ActiveX control in Honeywell Proce...
CVE-2012-0255 The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for ...
CVE-2012-0256 Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate...
S
CVE-2012-0257 Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in I...
CVE-2012-0258 Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in I...
CVE-2012-0259 The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attack...
S
CVE-2012-0260 The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attacke...
S
CVE-2012-0261 license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appliance before 5.5.3 allows remot...
CVE-2012-0262 op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3 all...
E
CVE-2012-0263 monitor/index.php in op5 Monitor and op5 Appliance before 5.5.1 allows remote authenticated users to...
E
CVE-2012-0264 op5 Monitor and op5 Appliance before 5.5.0 do not properly manage session cookies, which allows remo...
E
CVE-2012-0265 Stack-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to ex...
CVE-2012-0266 Multiple stack-based buffer overflows in the NTR ActiveX control before 2.0.4.8 allow remote attacke...
E
CVE-2012-0267 The StopModule method in the NTR ActiveX control before 2.0.4.8 allows remote attackers to execute a...
E
CVE-2012-0268 Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155,...
CVE-2012-0269 Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 20...
CVE-2012-0270 Multiple stack-based buffer overflows in Csound before 5.16.6 allow remote attackers to execute arbi...
CVE-2012-0271 Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novel...
E
CVE-2012-0272 Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 8.0 before S...
CVE-2012-0273 Multiple stack-based buffer overflows in MinaliC 2.0.0 allow remote attackers to execute arbitrary c...
CVE-2012-0275 Heap-based buffer overflow in Photoshop.exe in Adobe Photoshop CS5 12.x before 12.0.5, CS5.1 12.1.x ...
CVE-2012-0276 Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial ...
E
CVE-2012-0277 Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of servic...
E
CVE-2012-0278 Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote at...
E
CVE-2012-0279 Quest Toad for Data Analysts 3.0.1 uses weak permissions (Everyone: Full Control) for the %COMMONPRO...
CVE-2012-0282 Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of servic...
E
CVE-2012-0283 Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList function in inc/template.php in Do...
CVE-2012-0284 Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1....
CVE-2012-0285 Multiple cross-site scripting (XSS) vulnerabilities in Stoneware webNetwork before 6.0.8.0 allow rem...
CVE-2012-0286 Cross-site request forgery (CSRF) vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote...
CVE-2012-0287 Cross-site scripting (XSS) vulnerability in wp-comments-post.php in WordPress 3.3.x before 3.3.1, wh...
E S
CVE-2012-0289 Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Netwo...
E
CVE-2012-0290 Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x)...
CVE-2012-0291 Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x)...
CVE-2012-0292 The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere S...
E
CVE-2012-0293 Multiple SQL injection vulnerabilities in Symantec Altiris WISE Package Studio before 8.0MR1 allow r...
CVE-2012-0294 Directory traversal vulnerability in the Manager service in the management console in Symantec Endpo...
CVE-2012-0295 The Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1...
CVE-2012-0296 Multiple cross-site scripting (XSS) vulnerabilities in the management GUI in Symantec Web Gateway 5....
E
CVE-2012-0297 The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to a...
CVE-2012-0298 The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow r...
CVE-2012-0299 The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow r...
CVE-2012-0300 Brightmail Control Center in Symantec Message Filter 6.3 does not properly restrict establishment of...
CVE-2012-0301 Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows re...
CVE-2012-0302 Cross-site scripting (XSS) vulnerability in Brightmail Control Center in Symantec Message Filter 6.3...
CVE-2012-0303 Multiple cross-site request forgery (CSRF) vulnerabilities in Brightmail Control Center in Symantec ...
CVE-2012-0304 Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions (Everyone: Full Control) for th...
CVE-2012-0305 Untrusted search path vulnerability in Symantec System Recovery 2011 before SP2 and Backup Exec Syst...
CVE-2012-0306 Symantec Ghost Solution Suite 2.x through 2.5.1 allows remote attackers to execute arbitrary code or...
CVE-2012-0307 Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messaging Gateway (SMG) before 10.0 ...
CVE-2012-0308 Cross-site request forgery (CSRF) vulnerability in Symantec Messaging Gateway (SMG) before 10.0 allo...
CVE-2012-0309 Cross-site scripting (XSS) vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20...
CVE-2012-0310 CRLF injection vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier...
CVE-2012-0311 Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before R9 allows remote attackers to ...
CVE-2012-0312 Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before R9, and osCommerce Online Merc...
CVE-2012-0313 Cross-site scripting (XSS) vulnerability in glucose 2 before stage 6.2 allows remote attackers to in...
CVE-2012-0314 Multiple cross-site request forgery (CSRF) vulnerabilities on the eAccess Pocket WiFi (aka GP02) rou...
CVE-2012-0315 Untrusted search path vulnerability in ALFTP before 5.31 allows local users to gain privileges via a...
S
CVE-2012-0316 The Cookpad 1.5.16 and earlier and Cookpad Noseru 1.1.1 and earlier applications for Android do not ...
CVE-2012-0317 Multiple cross-site request forgery (CSRF) vulnerabilities in Movable Type before 4.38, 5.0x before ...
S
CVE-2012-0318 Multiple cross-site scripting (XSS) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, a...
S
CVE-2012-0319 The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow...
S
CVE-2012-0320 Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take con...
S
CVE-2012-0321 Unspecified vulnerability in the device driver in Kingsoft Internet Security 2011 allows local users...
CVE-2012-0322 The EStrongs ES File Explorer application 1.6.0.2 through 1.6.1.1 for Android does not properly rest...
CVE-2012-0323 Cross-site scripting (XSS) vulnerability in the Autocomplete plugin before 3.0 for SquirrelMail allo...
CVE-2012-0324 Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Je...
CVE-2012-0325 Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Je...
CVE-2012-0326 The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of networ...
S
CVE-2012-0327 Cross-site scripting (XSS) vulnerability in Redmine before 1.3.2 allows remote attackers to inject a...
CVE-2012-0328 Janetter before 3.3.0.0 (aka 3.3.0) allows remote attackers to obtain session information for twitte...
CVE-2012-0329 Cisco Digital Media Manager 5.2.2 and earlier, and 5.2.3, allows remote authenticated users to execu...
CVE-2012-0330 Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to...
CVE-2012-0331 Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to...
CVE-2012-0333 Cisco Small Business IP phones with SPA 500 series firmware 7.4.9 and earlier do not require authent...
CVE-2012-0334 Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vu...
CVE-2012-0335 Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 through 8.4 do not pr...
CVE-2012-0337 SQL injection vulnerability in the web component in Cisco Unified MeetingPlace 7.1 allows remote aut...
CVE-2012-0338 Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of a...
CVE-2012-0339 Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of a...
CVE-2012-0340 Cross-site scripting (XSS) vulnerability in the management interface on the Cisco IronPort Encryptio...
CVE-2012-0352 Cisco NX-OS 4.2.x before 4.2(1)SV1(5.1) on Nexus 1000v series switches; 4.x and 5.0.x before 5.0(2)N...
CVE-2012-0353 The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the A...
CVE-2012-0354 The Threat Detection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and th...
CVE-2012-0355 Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in...
CVE-2012-0356 Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in...
CVE-2012-0358 Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through th...
CVE-2012-0359 The Cisco Cius with software before 9.2(1) SR2 allows remote attackers to cause a denial of service ...
CVE-2012-0360 Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers ...
CVE-2012-0361 The sccp-protocol component in Cisco IP Communicator (CIPC) 7.0 through 8.6 does not limit the rate ...
CVE-2012-0362 The extended ACL functionality in Cisco IOS 12.2(58)SE2 and 15.0(1)SE discards all lines that end wi...
CVE-2012-0363 The web interface on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540...
S
CVE-2012-0364 Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with ...
S
CVE-2012-0365 Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series ...
CVE-2012-0366 Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administra...
CVE-2012-0367 Cisco Unity Connection before 7.1.5b(Su5), 8.0 and 8.5 before 8.5.1(Su3), and 8.6 before 8.6.2 allow...
CVE-2012-0368 The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software...
CVE-2012-0369 Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7...
CVE-2012-0370 Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 an...
CVE-2012-0371 Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, w...
CVE-2012-0376 The voice-sipstack component in Cisco Unified Communications Manager (CUCM) 8.5 allows remote attack...
CVE-2012-0378 Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allow rem...
CVE-2012-0381 The IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x throu...
CVE-2012-0382 The Multicast Source Discovery Protocol (MSDP) implementation in Cisco IOS 12.0, 12.2 through 12.4, ...
CVE-2012-0383 Memory leak in the NAT feature in Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a ...
CVE-2012-0384 Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS before 3...
CVE-2012-0385 The Smart Install feature in Cisco IOS 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a...
CVE-2012-0386 The SSHv2 implementation in Cisco IOS 12.2, 12.4, 15.0, 15.1, and 15.2 and IOS XE 2.3.x through 2.6....
CVE-2012-0387 Memory leak in the HTTP Inspection Engine feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0...
CVE-2012-0388 Memory leak in the H.323 inspection feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1...
CVE-2012-0389 Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enter...
E S
CVE-2012-0390 The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain error-handling code only if th...
CVE-2012-0391 The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL...
KEV E
CVE-2012-0392 The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whit...
E
CVE-2012-0393 The ParameterInterceptor component in Apache Struts before 2.3.1.1 does not prevent access to public...
E
CVE-2012-0394 The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, all...
E
CVE-2012-0395 Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release b...
CVE-2012-0396 EMC Documentum xPlore 1.0, 1.1 before P07, and 1.2 does not properly enforce the requirement for BRO...
CVE-2012-0397 Buffer overflow in EMC RSA SecurID Software Token Converter before 2.6.1 allows remote attackers to ...
CVE-2012-0398 EMC Documentum eRoom before 7.4.4 does not properly validate session cookies, which allows remote at...
CVE-2012-0399 Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow...
CVE-2012-0400 EMC RSA enVision 4.x before 4.1 Patch 4 does not properly restrict the number of failed authenticati...
CVE-2012-0401 Multiple SQL injection vulnerabilities in EMC RSA enVision 4.x before 4.1 Patch 4 allow remote authe...
CVE-2012-0402 EMC RSA enVision 4.x before 4.1 Patch 4 uses unspecified hardcoded credentials, which makes it easie...
CVE-2012-0403 Directory traversal vulnerability in EMC RSA enVision 4.x before 4.1 Patch 4 allows remote authentic...
CVE-2012-0404 Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom before 7.4.4 allows remote attacker...
CVE-2012-0405 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0406 The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 throu...
E
CVE-2012-0407 Integer overflow in the DPA_Utilities library in EMC Data Protection Advisor (DPA) 5.5 through 5.8 S...
E
CVE-2012-0408 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0409 Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.3 allow remote attackers to ca...
CVE-2012-0410 Directory traversal vulnerability in WebAccess in Novell GroupWise before 8.03 allows remote attacke...
CVE-2012-0411 Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arb...
CVE-2012-0414 Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux...
CVE-2012-0417 Integer overflow in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 an...
S
CVE-2012-0418 Unspecified vulnerability in the client in Novell GroupWise 8.0 before Support Pack 3 and 2012 befor...
S
CVE-2012-0419 Directory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Suppor...
S
CVE-2012-0420 zypp-refresh-wrapper in SUSE Zypper before 1.3.20 and 1.6.x before 1.6.166 allows local users to cre...
CVE-2012-0421 The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager and Spacewalk uses world-read...
CVE-2012-0425 LanItems.ycp in save_y2logs in yast2-network before 2.24.4 in SUSE YaST writes cleartext Wi-Fi crede...
CVE-2012-0426 Race condition in sap_suse_cluster_connector before 1.0.0-0.8.1 in SUSE Linux Enterprise for SAP App...
CVE-2012-0427 yast2-add-on-creator in SUSE inst-source-utils 2008.11.26 before 2008.11.26-0.9.1 and 2012.9.13 befo...
E
CVE-2012-0428 Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x befo...
CVE-2012-0429 dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote...
CVE-2012-0430 Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on W...
CVE-2012-0432 Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8....
CVE-2012-0433 insecure permissions on files containing confidential data
CVE-2012-0434 The server in Crowbar, as used in SUSE Cloud 1.0, uses weak permissions for the production.log file,...
CVE-2012-0435 SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify the hosts list, and subsequen...
CVE-2012-0439 An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 bef...
CVE-2012-0440 Cross-site request forgery (CSRF) vulnerability in jsonrpc.cgi in Bugzilla 3.5.x and 3.6.x before 3....
E S
CVE-2012-0441 The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, ...
CVE-2012-0442 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x ...
E S
CVE-2012-0443 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 9.0, Thund...
CVE-2012-0444 Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, an...
E S
CVE-2012-0445 Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote ...
CVE-2012-0446 Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird ...
CVE-2012-0447 Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not proper...
CVE-2012-0448 Bugzilla 2.x and 3.x before 3.4.14, 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and ...
E S
CVE-2012-0449 Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, an...
S
CVE-2012-0450 Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and Mac OS X set weak permissions ...
CVE-2012-0451 CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Th...
CVE-2012-0452 Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, ...
CVE-2012-0453 Cross-site request forgery (CSRF) vulnerability in xmlrpc.cgi in Bugzilla 4.0.2 through 4.0.4 and 4....
S
CVE-2012-0454 Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Th...
CVE-2012-0455 Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird befo...
CVE-2012-0456 The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10...
CVE-2012-0457 Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetweenTimeContainer function in Moz...
CVE-2012-0458 Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird befo...
E S
CVE-2012-0459 The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x through 10.0, Firefox ESR 10....
CVE-2012-0460 Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thun...
CVE-2012-0461 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.28 and 4.x ...
CVE-2012-0462 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 10.0, Fire...
CVE-2012-0463 The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 1...
CVE-2012-0464 Use-after-free vulnerability in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through ...
CVE-2012-0465 Bugzilla 3.5.x and 3.6.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2....
S
CVE-2012-0466 template/en/default/list/list.js.tmpl in Bugzilla 2.x and 3.x before 3.6.9, 3.7.x and 4.0.x before 4...
CVE-2012-0467 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 11.0, Fire...
CVE-2012-0468 The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey ...
CVE-2012-0469 Use-after-free vulnerability in the mozilla::dom::indexedDB::IDBKeyRange::cycleCollection::Trace fun...
CVE-2012-0470 Heap-based buffer overflow in the nsSVGFEDiffuseLightingElement::LightPixel function in Mozilla Fire...
CVE-2012-0471 Cross-site scripting (XSS) vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x befor...
CVE-2012-0472 The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4,...
CVE-2012-0473 The WebGLBuffer::FindMaxUshortElement function in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x...
CVE-2012-0474 Cross-site scripting (XSS) vulnerability in the docshell implementation in Mozilla Firefox 4.x throu...
CVE-2012-0475 Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not prop...
CVE-2012-0477 Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 11.0, Firefox ESR...
CVE-2012-0478 The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ES...
CVE-2012-0479 Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thun...
CVE-2012-0484 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allo...
CVE-2012-0485 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remot...
CVE-2012-0486 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenti...
CVE-2012-0487 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenti...
CVE-2012-0488 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenti...
CVE-2012-0489 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenti...
CVE-2012-0490 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allo...
CVE-2012-0491 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenti...
CVE-2012-0492 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remot...
CVE-2012-0493 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenti...
CVE-2012-0494 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to ...
CVE-2012-0495 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenti...
CVE-2012-0496 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenti...
CVE-2012-0497 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2012-0498 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2012-0499 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2012-0500 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2012-0501 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2012-0502 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2012-0503 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2012-0504 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2012-0505 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2012-0506 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2012-0507 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
KEV E
CVE-2012-0508 Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX, 1.3.0 and earlier, and 1...
CVE-2012-0509 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic...
CVE-2012-0510 Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, ...
CVE-2012-0511 Unspecified vulnerability in the OCI component in Oracle Database Server 10.2.0.3, 10.2.0.4, and 11....
CVE-2012-0512 Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Serve...
CVE-2012-0513 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
CVE-2012-0514 Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft Products 9...
CVE-2012-0515 Unspecified vulnerability in the Identity Manager Connector component in Oracle Fusion Middleware 9....
CVE-2012-0516 Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite 7....
CVE-2012-0517 Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products ...
CVE-2012-0518 Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion...
KEV S
CVE-2012-0519 Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.2, when runni...
CVE-2012-0520 Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Serve...
CVE-2012-0521 Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9...
CVE-2012-0522 Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 10.1.3.5 al...
CVE-2012-0523 Unspecified vulnerability in the Oracle Grid Engine component in Oracle Sun Products Suite 6.1 and 6...
CVE-2012-0524 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2012-0525 Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Serve...
CVE-2012-0526 Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Serve...
CVE-2012-0527 Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Serve...
CVE-2012-0528 Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Serve...
CVE-2012-0529 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2012-0530 Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9...
CVE-2012-0531 Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Product...
CVE-2012-0532 Unspecified vulnerability in the Identity Manager component in Oracle Fusion Middleware 11.1.1.3 and...
CVE-2012-0533 Unspecified vulnerability in the PeopleSoft Enterprise FCSM component in Oracle PeopleSoft Products ...
CVE-2012-0534 Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 10.2.0.3, 10.2.0.4, ...
CVE-2012-0535 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
CVE-2012-0536 Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products ...
CVE-2012-0537 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
CVE-2012-0538 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2012-0539 Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidenti...
CVE-2012-0540 Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows re...
CVE-2012-0541 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic...
CVE-2012-0542 Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0....
CVE-2012-0543 Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Mi...
CVE-2012-0544 Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Ser...
CVE-2012-0545 Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Ser...
S
CVE-2012-0546 Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Ser...
S
CVE-2012-0547 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2012-0548 Unspecified vulnerability in Oracle SPARC Enterprise M Series Servers XCP 1110 and earlier allows lo...
CVE-2012-0549 Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Sui...
CVE-2012-0550 Unspecified vulnerability in the GlassFish Enterprise Server component in Oracle Sun Products Suite ...
CVE-2012-0551 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and ear...
CVE-2012-0552 Unspecified vulnerability in the Oracle Spatial component in Oracle Database Server 10.2.0.3, 10.2.0...
CVE-2012-0553 Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecif...
CVE-2012-0554 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2012-0555 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2012-0556 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2012-0557 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2012-0558 Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in O...
CVE-2012-0559 Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft Products 9...
CVE-2012-0560 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2012-0561 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
S
CVE-2012-0562 Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products ...
S
CVE-2012-0563 Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect availability ...
CVE-2012-0564 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
S
CVE-2012-0565 Unspecified vulnerability in the Oracle Agile component in Oracle Supply Chain Products Suite 5.2.2,...
CVE-2012-0566 Unspecified vulnerability in the Oracle Agile component in Oracle Supply Chain Products Suite 5.2.2,...
CVE-2012-0567 Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Ser...
S
CVE-2012-0568 Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidenti...
S
CVE-2012-0569 Unspecified vulnerability Oracle Sun Solaris 10 allows local users to affect confidentiality and int...
S
CVE-2012-0570 Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availa...
S
CVE-2012-0571 Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Ser...
S
CVE-2012-0572 Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and ...
CVE-2012-0573 Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Ser...
S
CVE-2012-0574 Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and...
CVE-2012-0575 Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Ser...
S
CVE-2012-0576 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic...
S
CVE-2012-0577 Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Ser...
S
CVE-2012-0578 Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote a...
CVE-2012-0579 Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Ser...
S
CVE-2012-0580 Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Produ...
CVE-2012-0581 Unspecified vulnerability in the Oracle Agile component in Oracle Supply Chain Products Suite 5.2.2,...
S
CVE-2012-0582 Unspecified vulnerability in the Siebel Clinical component in Oracle Industry Applications 7.7, 7.8,...
S
CVE-2012-0583 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5....
CVE-2012-0584 The Internationalized Domain Name (IDN) feature in Apple Safari before 5.1.4 on Windows does not pro...
CVE-2012-0585 The Private Browsing feature in Safari in Apple iOS before 5.1 allows remote attackers to bypass int...
CVE-2012-0586 Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote a...
CVE-2012-0587 Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote a...
CVE-2012-0588 Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote a...
CVE-2012-0589 Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote a...
CVE-2012-0590 Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows user-ass...
CVE-2012-0591 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0592 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0593 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0594 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0595 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0596 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0597 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0598 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0599 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0600 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0601 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0602 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0603 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0604 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0605 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0606 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0607 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0608 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0609 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0610 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0611 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0612 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0613 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0614 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0615 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0616 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0617 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0618 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0619 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0620 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0621 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0622 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0623 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0624 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0625 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0626 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0627 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0628 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0629 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0630 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0631 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0632 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0633 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0634 WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary...
CVE-2012-0635 WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute a...
CVE-2012-0636 WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary...
CVE-2012-0637 WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary...
CVE-2012-0638 WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary...
CVE-2012-0639 WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary...
CVE-2012-0640 WebKit in Apple Safari before 5.1.4 does not properly implement "From third parties and advertisers"...
CVE-2012-0641 CFNetwork in Apple iOS before 5.1 does not properly construct request headers during parsing of URLs...
CVE-2012-0642 Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause...
CVE-2012-0643 The kernel in Apple iOS before 5.1 does not properly handle debug system calls, which allows remote ...
CVE-2012-0644 Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate atta...
CVE-2012-0645 Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice comm...
CVE-2012-0646 Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitr...
CVE-2012-0647 WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP auth...
CVE-2012-0648 WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary...
CVE-2012-0649 Race condition in the initialization routine in blued in Bluetooth in Apple Mac OS X before 10.7.4 a...
CVE-2012-0650 Buffer overflow in the DirectoryService Proxy in DirectoryService in Apple Mac OS X through 10.6.8 a...
CVE-2012-0651 The directory server in Directory Service in Apple Mac OS X 10.6.8 allows remote attackers to obtain...
CVE-2012-0652 Login Window in Apple Mac OS X 10.7.3, when Legacy File Vault or networked home directories are enab...
CVE-2012-0653 Rejected reason: This candidate is unused by its CNA....
R
CVE-2012-0654 libsecurity in Apple Mac OS X before 10.7.4 accesses uninitialized memory locations during the proce...
CVE-2012-0655 libsecurity in Apple Mac OS X before 10.7.4 does not properly restrict the length of RSA keys within...
CVE-2012-0656 Race condition in LoginUIFramework in Apple Mac OS X 10.7.x before 10.7.4, when the Guest account is...
CVE-2012-0657 Quartz Composer in Apple Mac OS X before 10.7.4, when the RSS Visualizer screensaver is enabled, all...
CVE-2012-0658 Buffer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbi...
CVE-2012-0659 Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arb...
CVE-2012-0660 Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arb...
CVE-2012-0661 Use-after-free vulnerability in QuickTime in Apple Mac OS X 10.7.x before 10.7.4 allows remote attac...
CVE-2012-0662 Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers t...
CVE-2012-0663 Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow remote attack...
CVE-2012-0664 Heap-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to exe...
CVE-2012-0665 Heap-based buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitr...
CVE-2012-0666 Stack-based buffer overflow in the plugin in Apple QuickTime before 7.7.2 on Windows allows remote a...
CVE-2012-0667 Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execu...
CVE-2012-0668 Buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or...
CVE-2012-0669 Buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitr...
CVE-2012-0670 Integer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code o...
CVE-2012-0671 Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of ...
CVE-2012-0672 WebKit in Apple iOS before 5.1.1 allows remote attackers to execute arbitrary code or cause a denial...
CVE-2012-0673 Rejected reason: This candidate is unused by its CNA....
R
CVE-2012-0674 Safari in Apple iOS before 5.1.1 allows remote attackers to spoof the location bar's URL via a craft...
CVE-2012-0675 Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authenticat...
CVE-2012-0676 WebKit in Apple Safari before 5.1.7 does not properly track state information during the processing ...
CVE-2012-0677 Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrar...
CVE-2012-0678 Cross-site scripting (XSS) vulnerability in Apple Safari before 6.0 allows remote attackers to injec...
CVE-2012-0679 Apple Safari before 6.0 allows remote attackers to read arbitrary files via a feed:// URL....
CVE-2012-0680 Apple Safari before 6.0 does not properly handle the autocomplete attribute of a password input elem...
CVE-2012-0681 Apple Remote Desktop before 3.6.1 does not recognize the "Encrypt all network data" setting during c...
CVE-2012-0682 WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau...
CVE-2012-0683 WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau...
CVE-2012-0684 Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary...
S
CVE-2012-0685 Integer overflow in XnViewer (aka XnView) before 1.98.5 allows remote attackers to execute arbitrary...
S
CVE-2012-0687 TIBCO ActiveMatrix Runtime Platform in Service Grid and Service Bus 2.x before 2.3.2 and BusinessWor...
CVE-2012-0688 Cross-site scripting (XSS) vulnerability in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric Activ...
CVE-2012-0689 The server in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribut...
CVE-2012-0690 TIBCO Spotfire Web Application, Web Player Application, Automation Services Application, and Analyti...
CVE-2012-0691 CA License (aka CA Licensing) before 1.90.03 does not properly restrict system commands, which allow...
CVE-2012-0692 CA License (aka CA Licensing) before 1.90.03 allows local users to modify or create arbitrary files,...
CVE-2012-0693 submitticket.php in WHMCompleteSolution (WHMCS) 5.03 allows remote attackers to inject arbitrary cod...
CVE-2012-0694 SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allo...
E
CVE-2012-0695 Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung ...
CVE-2012-0696 Multiple cross-site scripting (XSS) vulnerabilities in the Executive Viewer (EV) in IBM Cognos TM1 b...
CVE-2012-0697 HP StorageWorks P2000 G3 MSA array systems have a default account, which makes it easier for remote ...
CVE-2012-0698 tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service (daemon crash) v...
E
CVE-2012-0699 Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 ...
E
CVE-2012-0700 The client in InfoSphere FastTrack 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 bef...
CVE-2012-0701 The client applications in the DataStage Administrator client in InfoSphere DataStage in IBM InfoSph...
CVE-2012-0702 Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8...
CVE-2012-0703 Open redirect vulnerability in Information Services Framework (ISF) in IBM InfoSphere Information Se...
CVE-2012-0705 InfoSphere Import Export Manager in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM...
CVE-2012-0706 IBM Scale Out Network Attached Storage (SONAS) 1.3 before 1.3.2.3 requires cleartext storage of LDAP...
CVE-2012-0707 Cross-site scripting (XSS) vulnerability in IBM WebSphere Lombardi Edition 7.2 allows remote attacke...
CVE-2012-0708 Heap-based buffer overflow in the Ole API in the CQOle ActiveX control in cqole.dll in IBM Rational ...
CVE-2012-0709 IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 does not properly check variables, whic...
CVE-2012-0710 IBM DB2 9.1 before FP11, 9.5 before FP9, 9.7 before FP5, and 9.8 before FP4 allows remote attackers ...
CVE-2012-0711 Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 ...
CVE-2012-0712 The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authen...
CVE-2012-0713 Unspecified vulnerability in the XML feature in IBM DB2 9.7 before FP6 on Linux, UNIX, and Windows a...
CVE-2012-0714 Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as u...
CVE-2012-0715 Cross-site scripting (XSS) vulnerability in the Gantt applet viewer in IBM Tivoli Change and Configu...
CVE-2012-0716 Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application ...
CVE-2012-0717 IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain SSLv2 configuration with client...
CVE-2012-0718 IBM Tivoli Endpoint Manager 8 does not set the HttpOnly flag on cookies....
CVE-2012-0719 Cross-site scripting (XSS) vulnerability in IBM Tivoli Endpoint Manager (TEM) 8 before 8.2 patch 3 a...
E
CVE-2012-0720 Cross-site scripting (XSS) vulnerability in the Integration Solution Console in the Administration C...
CVE-2012-0721 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2012-0722 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0722. Reason: This candida...
R
CVE-2012-0723 The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement t...
CVE-2012-0724 Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to caus...
CVE-2012-0725 Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to caus...
CVE-2012-0726 The default configuration of TLS in IBM Tivoli Directory Server (TDS) 6.3 and earlier supports the (...
CVE-2012-0727 SQL injection vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, ...
CVE-2012-0728 SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Co...
CVE-2012-0729 Unrestricted file upload vulnerability in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1...
CVE-2012-0730 Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Rational AppScan Enterprise 5.x an...
CVE-2012-0731 IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not prevent service-account imperson...
CVE-2012-0732 The Enterprise Console client in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not...
CVE-2012-0733 IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1, when Integrated Windows authentication i...
CVE-2012-0734 IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly import jobs, which allo...
CVE-2012-0735 IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly scan file: URLs, which ...
CVE-2012-0736 IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly create scan jobs, which...
CVE-2012-0737 Cross-site scripting (XSS) vulnerability in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0...
CVE-2012-0738 IBM Security AppScan Enterprise before 8.6.0.2 and Rational Policy Tester before 8.5.0.3 do not vali...
S
CVE-2012-0740 Cross-site scripting (XSS) vulnerability in the Web Admin Tool in IBM Tivoli Directory Server (TDS) ...
CVE-2012-0741 IBM Security AppScan Enterprise before 8.6.0.2 and Rational Policy Tester before 8.5.0.3 do not vali...
S
CVE-2012-0742 IBM Tivoli Event Pump 4.2.2, when the LOG_REQUESTS and VALIDATE_SOAP_USERS options are enabled, plac...
CVE-2012-0743 IBM Tivoli Directory Server (TDS) 6.3 and earlier allows remote attackers to cause a denial of servi...
CVE-2012-0744 IBM Rational ClearQuest 7.1.x through 7.1.2.7 and 8.x through 8.0.0.3 allows remote attackers to obt...
CVE-2012-0745 The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not proper...
CVE-2012-0746 Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud C...
CVE-2012-0747 SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Co...
CVE-2012-0748 Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified services in IBM Rational T...
CVE-2012-0751 The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows ...
S
CVE-2012-0752 Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and S...
S
CVE-2012-0753 Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and S...
S
CVE-2012-0754 Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and S...
KEV S
CVE-2012-0755 Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and S...
S
CVE-2012-0756 Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and S...
S
CVE-2012-0757 The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to exe...
S
CVE-2012-0758 Heap-based buffer overflow in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute a...
S
CVE-2012-0759 Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denia...
S
CVE-2012-0760 The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to exe...
S
CVE-2012-0761 The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to exe...
S
CVE-2012-0762 The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to exe...
S
CVE-2012-0763 The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to exe...
S
CVE-2012-0764 The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to exe...
S
CVE-2012-0765 Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 8 and 9 for Word allow remote ...
CVE-2012-0766 The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to exe...
S
CVE-2012-0767 Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11...
KEV S
CVE-2012-0768 The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windo...
S
CVE-2012-0769 Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and S...
S
CVE-2012-0770 Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 computes hash values for form parameters without restric...
CVE-2012-0771 Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denia...
CVE-2012-0772 An unspecified ActiveX control in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228...
S
CVE-2012-0773 The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows...
S
CVE-2012-0774 Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attacker...
S
CVE-2012-0775 The JavaScript implementation in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 al...
S
CVE-2012-0776 The installer in Adobe Reader 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to bypass int...
S
CVE-2012-0777 The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X a...
M
CVE-2012-0778 Buffer overflow in Adobe Flash Professional before CS6 allows attackers to execute arbitrary code vi...
CVE-2012-0779 Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; ...
CVE-2012-0780 Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service...
S
CVE-2012-0781 The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (N...
E
CVE-2012-0782 Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup-config.php in the installation...
E
CVE-2012-0785 Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins...
CVE-2012-0786 The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite ar...
CVE-2012-0787 The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and E...
E S
CVE-2012-0788 The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, w...
CVE-2012-0789 Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a den...
E
CVE-2012-0790 Cross-site scripting (XSS) vulnerability in smokeping_cgi in Smokeping 2.4.2, 2.6.6, and other versi...
S
CVE-2012-0791 Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware W...
CVE-2012-0792 mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote authenticated users to obtain the nam...
CVE-2012-0793 Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows re...
CVE-2012-0794 The rc4encrypt function in lib/moodlelib.php in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1....
CVE-2012-0795 Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 does not ...
CVE-2012-0796 class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x before 1.9.16, 2.0.x before 2....
CVE-2012-0797 The webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2...
CVE-2012-0798 The self-enrolment functionality in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 allows remote a...
CVE-2012-0799 Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled, all...
CVE-2012-0800 The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x be...
CVE-2012-0801 lib/formslib.php in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 does not properly handle multip...
CVE-2012-0802 Multiple buffer overflows in Spamdyke before 4.3.0 might allow remote attackers to execute arbitrary...
CVE-2012-0803 The WS-SP UsernameToken policy in Apache CXF 2.4.5 and 2.5.1 allows remote attackers to bypass authe...
S
CVE-2012-0804 Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows...
CVE-2012-0805 Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remo...
E S
CVE-2012-0806 Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary...
S
CVE-2012-0807 Stack-based buffer overflow in the suhosin_encrypt_single_cookie function in the transparent cookie-...
E S
CVE-2012-0808 as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file name...
CVE-2012-0809 Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local us...
E
CVE-2012-0810 The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local ...
S
CVE-2012-0811 Multiple SQL injection vulnerabilities in Postfix Admin (aka postfixadmin) before 2.3.5 allow remote...
E
CVE-2012-0812 PostfixAdmin 2.3.4 has multiple XSS vulnerabilities...
CVE-2012-0813 Wicd before 1.7.1 saves sensitive information in log files in /var/log/wicd, which allows context-de...
CVE-2012-0814 The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messa...
CVE-2012-0815 The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause...
S
CVE-2012-0816 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2012-0817 Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service...
S
CVE-2012-0818 RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity referen...
S
CVE-2012-0819 Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain ...
S
CVE-2012-0820 Cross-site scripting (XSS) vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attac...
S
CVE-2012-0821 Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain ...
S
CVE-2012-0822 Cross-site scripting (XSS) vulnerability in Joomla! 1.6 and 1.7.x before 1.7.4 allows remote attacke...
S
CVE-2012-0823 VP8 Codec SDK (libvpx) before 1.0.0 "Duclair" allows remote attackers to cause a denial of service (...
CVE-2012-0824 gnusound 0.7.5 has format string issue...
S
CVE-2012-0825 Drupal 6.x before 6.23 and 7.x before 7.11 does not verify that Attribute Exchange (AX) information ...
CVE-2012-0826 Cross-site request forgery (CSRF) vulnerability in the Aggregator module in Drupal 6.x before 6.23 a...
CVE-2012-0827 The File module in Drupal 7.x before 7.11, when using unspecified field access modules, allows remot...
S
CVE-2012-0828 Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture...
S
CVE-2012-0829 Multiple cross-site request forgery (CSRF) vulnerabilities in Mibew Messenger 1.6.4 and earlier allo...
E
CVE-2012-0830 The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to exe...
E
CVE-2012-0831 PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive dur...
E S
CVE-2012-0832 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2012-0833 The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server befo...
E S
CVE-2012-0834 Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier al...
E
CVE-2012-0835 Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to o...
S
CVE-2012-0836 Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows attackers to read the error log via u...
S
CVE-2012-0837 Joomla! 1.7.x before 1.7.5 and 2.5.x before 2.5.1 allows attackers to obtain the installation path v...
S
CVE-2012-0838 Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a con...
CVE-2012-0839 OCaml 3.12.1 and earlier computes hash values without restricting the ability to trigger hash collis...
CVE-2012-0840 tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values wi...
S
CVE-2012-0841 libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions...
S
CVE-2012-0842 surf: cookie jar has read access from other local user...
CVE-2012-0843 uzbl: Information disclosure via world-readable cookies storage file...
CVE-2012-0844 Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar....
CVE-2012-0845 SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3...
E S
CVE-2012-0846 Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar 1.2.4 allows remote attackers ...
E
CVE-2012-0847 Heap-based buffer overflow in the avfilter_filter_samples function in libavfilter/avfilter.c in FFmp...
CVE-2012-0848 Heap-based buffer overflow in the ws_snd_decode_frame function in libavcodec/ws-snd1.c in FFmpeg 0.9...
CVE-2012-0849 Integer overflow in the ff_j2k_dwt_init function in libavcodec/j2k_dwt.c in FFmpeg before 0.9.1 allo...
S
CVE-2012-0850 The sbr_qmf_synthesis function in libavcodec/aacsbr.c in FFmpeg before 0.9.1 allows remote attackers...
CVE-2012-0851 The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 0.9.1 and ...
CVE-2012-0852 The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x b...
CVE-2012-0853 The decodeTonalComponents function in the Actrac3 codec (atrac3.c) in libavcodec in FFmpeg 0.7.x bef...
E
CVE-2012-0854 The dpcm_decode_frame function in libavcodec/dpcm.c in FFmpeg before 0.9.1 does not use the proper p...
CVE-2012-0855 Heap-based buffer overflow in the get_sot function in the J2K decoder (j2k.c) in libavcodec in FFmpe...
CVE-2012-0856 Heap-based buffer overflow in the MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg befor...
E
CVE-2012-0857 Multiple buffer overflows in the get_qcx function in the J2K decoder (j2kdec.c) in libavcode in FFmp...
CVE-2012-0858 The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, a...
CVE-2012-0859 The render_line function in the vorbis codec (vorbis.c) in libavcodec in FFmpeg before 0.9.1 allows ...
CVE-2012-0860 Multiple untrusted search path vulnerabilities in Red Hat Enterprise Virtualization Manager (RHEV-M)...
CVE-2012-0861 The vds_installer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when adding a ho...
CVE-2012-0862 builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is...
CVE-2012-0863 Mumble 1.2.3 and earlier uses world-readable permissions for .local/share/data/Mumble/.mumble.sqlite...
CVE-2012-0864 Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other version...
E
CVE-2012-0865 Multiple open redirect vulnerabilities in CubeCart 3.0.20 and earlier allow remote attackers to redi...
E
CVE-2012-0866 CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x...
CVE-2012-0867 PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name...
CVE-2012-0868 CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0....
CVE-2012-0869 Cross-site scripting (XSS) vulnerability in fup in Frams' Fast File EXchange (F*EX, aka fex) before ...
S
CVE-2012-0870 Heap-based buffer overflow in process.c in smbd in Samba 3.0, as used in the file-sharing service on...
S
CVE-2012-0871 The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibl...
CVE-2012-0872 Multiple cross-site scripting (XSS) vulnerabilities in OxWall 1.1.1 and earlier allow remote attacke...
E
CVE-2012-0873 Multiple cross-site scripting (XSS) vulnerabilities in Boonex Dolphin before 7.0.8 allow remote atta...
E S
CVE-2012-0874 The (1) JMXInvokerHAServlet and (2) EJBInvokerHAServlet invoker servlets in JBoss Enterprise Applica...
E
CVE-2012-0875 SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local u...
CVE-2012-0876 The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the abili...
CVE-2012-0877 PyXML: Hash table collisions CPU usage Denial of Service...
CVE-2012-0878 Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root pr...
S
CVE-2012-0879 The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle ...
S
CVE-2012-0880 Apache Xerces-C++ allows remote attackers to cause a denial of service (CPU consumption) via a craft...
CVE-2012-0881 Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU c...
S
CVE-2012-0882 Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before...
CVE-2012-0883 envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name...
S
CVE-2012-0884 The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1....
CVE-2012-0885 chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp mo...
E S
CVE-2012-0891 Multiple cross-site scripting (XSS) vulnerabilities in Puppet Dashboard 1.0 before 1.2.5 and Enterpr...
CVE-2012-0895 Cross-site scripting (XSS) vulnerability in map/map.php in the Count Per Day module before 3.1.1 for...
E
CVE-2012-0896 Absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for W...
E
CVE-2012-0897 Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote at...
CVE-2012-0898 Directory traversal vulnerability in meb_download.php in the myEASYbackup plugin 1.0.8.1 for WordPre...
E
CVE-2012-0899 Cross-site scripting (XSS) vulnerability in referencement/sites_inscription.php in Annuaire PHP allo...
E
CVE-2012-0900 Multiple cross-site scripting (XSS) vulnerabilities in Beehive Forum 1.0.1 allow remote attackers to...
E
CVE-2012-0901 Cross-site scripting (XSS) vulnerability in yousaytoo.php in YouSayToo auto-publishing plugin 1.0 fo...
E
CVE-2012-0902 AirTies Air 4450 1.1.2.18 allows remote attackers to cause a denial of service (reboot) via a direct...
E
CVE-2012-0903 Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Desktop 7.1.2 b10978 allow remote atta...
E
CVE-2012-0904 VLC media player 1.1.11 allows remote attackers to cause a denial of service (crash) via a long stri...
E
CVE-2012-0905 SQL injection vulnerability in deV!L'z Clanportal (DZCP) Gamebase addon allows remote attackers to e...
E
CVE-2012-0906 SQL injection vulnerability in the Moviebase addon for deV!L'z Clanportal (DZCP) 1.5.5 allows remote...
E
CVE-2012-0907 Directory traversal vulnerability in the web player in NeoAxis NeoAxis web player 1.4 and earlier al...
CVE-2012-0908 Cross-site scripting (XSS) vulnerability in logout.php in SimpleSAMLphp 1.8.1 and possibly other ver...
CVE-2012-0909 Cross-site scripting (XSS) vulnerability in Horde_Form in Horde Groupware Webmail Edition before 4.0...
E
CVE-2012-0911 TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary PH...
E
CVE-2012-0912 SQL injection vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to execut...
CVE-2012-0913 SQL injection vulnerability in checklogin.aspx in ICloudCenter ICTimeAttendance 1.0 allows remote at...
E
CVE-2012-0914 Cross-site scripting (XSS) vulnerability in display_renderers/panels_renderer_editor.class.php in th...
S
CVE-2012-0915 Integer signedness error in RenRen Talk 2.9 allows remote attackers to execute arbitrary code via cr...
CVE-2012-0916 Heap-based buffer overflow in RenRen Talk 2.9 allows remote attackers to execute arbitrary code via ...
CVE-2012-0917 Cross-site scripting (XSS) vulnerability in Hitachi IT Operations Analyzer 02-01, 02-51 through 02-5...
CVE-2012-0918 Unspecified vulnerability in Hitachi COBOL2002 Net Developer, Net Server Suite, and Net Client Suite...
CVE-2012-0919 Cross-site scripting (XSS) vulnerability in Hitachi IT Operations Director 02-50-01 through 02-50-07...
CVE-2012-0920 Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction a...
CVE-2012-0922 rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 ...
CVE-2012-0923 The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1....
CVE-2012-0924 RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, a...
CVE-2012-0925 Unspecified vulnerability in the RV40 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 1...
CVE-2012-0926 The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1....
CVE-2012-0927 Unspecified vulnerability in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealP...
CVE-2012-0928 The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1...
CVE-2012-0929 Multiple buffer overflows in Schneider Electric Modicon Quantum PLC allow remote attackers to cause ...
CVE-2012-0930 Cross-site scripting (XSS) vulnerability in Schneider Electric Modicon Quantum PLC allows remote att...
CVE-2012-0931 Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software an...
CVE-2012-0932 Cross-site scripting (XSS) vulnerability in admin/login.php in Lead Capture Page System allows remot...
E
CVE-2012-0933 Multiple cross-site scripting (XSS) vulnerabilities in Acidcat CMS 3.5.1, 3.5.2, 3.5.6, and possibly...
CVE-2012-0934 PHP remote file inclusion vulnerability in ajax/savetag.php in the Theme Tuner plugin for WordPress ...
E S
CVE-2012-0935 SQL injection vulnerability in Default.aspx in Aryadad CMS allows remote attackers to execute arbitr...
E
CVE-2012-0936 Cross-site scripting (XSS) vulnerability in web/springframework/security/SecurityAuthenticationEvent...
CVE-2012-0937 wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limi...
E
CVE-2012-0938 Multiple SQL injection vulnerabilities in TestLink 1.9.3, 1.8.5b, and earlier allow remote authentic...
CVE-2012-0939 Multiple SQL injection vulnerabilities in TestLink 1.8.5b and earlier allow remote authenticated use...
CVE-2012-0941 Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with Fo...
E
CVE-2012-0942 Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3...
CVE-2012-0943 debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, a...
S
CVE-2012-0944 Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when...
CVE-2012-0945 whoopsie-daisy before 0.1.26: Root user can remove arbitrary files...
E
CVE-2012-0946 The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary memory locations by leve...
CVE-2012-0947 Heap-based buffer overflow in the vqa_decode_chunk function in the VQA codec (vqavideo.c) in libavco...
E
CVE-2012-0948 DistUpgrade/DistUpgradeMain.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, use...
CVE-2012-0949 The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain syst...
CVE-2012-0950 The Apport hook (DistUpgradeApport.py) in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11...
CVE-2012-0951 A Memory Corruption Vulnerability exists in NVIDIA Graphics Drivers 29549 due to an unknown function...
CVE-2012-0952 Heap overflow in control device ioctl
E
CVE-2012-0953 Kernel heap contents leak race in ioctl handler
E
CVE-2012-0954 APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyring...
CVE-2012-0955 software-properties incorrectly validated TLS certificates
E S
CVE-2012-0956 ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attacker...
CVE-2012-0957 The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users t...
E S
CVE-2012-0958 content/unity-api.js in the unity-firefox-extension extension 2.4.1 for Firefox exposes the toDataUR...
CVE-2012-0959 Remote Login Service (RLS) 1.0.0 does not properly clear account information when switching users, w...
CVE-2012-0960 Unity integration extension (unity-firefox-extension) before 2.4.1 for Firefox does not properly han...
CVE-2012-0961 Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x before 0.8.16~exp12ub...
S
CVE-2012-0962 Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyse...
S
CVE-2012-0963 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0964 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0965 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0966 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0967 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0968 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0969 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0970 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0971 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0972 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-0973 Multiple SQL injection vulnerabilities in OSClass before 2.3.5 allow remote attackers to execute arb...
CVE-2012-0974 Multiple cross-site scripting (XSS) vulnerabilities in the getParam function in oc-includes/osclass/...
E
CVE-2012-0975 Cross-site scripting (XSS) vulnerability in misc.php in Image Hosting Script DPI 1.0, 1.3, and earli...
E
CVE-2012-0976 Cross-site scripting (XSS) vulnerability in admin/EditForm in SilverStripe 2.4.6 allows remote authe...
E
CVE-2012-0977 Stack-based buffer overflow in jp2_x.dll in LuraWave JP2 ActiveX Control 2.1.5.5 and other versions ...
CVE-2012-0978 Stack-based buffer overflow in npjp2.dll in LuraWave JP2 Browser Plug-In 1.1.1.11 and other versions...
CVE-2012-0979 Cross-site scripting (XSS) vulnerability in TWiki allows remote attackers to inject arbitrary web sc...
E
CVE-2012-0980 SQL injection vulnerability in download.php in phux Download Manager allows remote attackers to exec...
E
CVE-2012-0981 Directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary direc...
E
CVE-2012-0982 SQL injection vulnerability in search.php in Vastal I-Tech Agent Zone (aka The Real Estate Script) a...
E
CVE-2012-0983 SQL injection vulnerability in Scriptsez.net Ez Album allows remote attackers to execute arbitrary S...
E
CVE-2012-0984 Multiple cross-site scripting (XSS) vulnerabilities in XOOPS before 2.5.5 allow remote attackers to ...
E S
CVE-2012-0985 Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAI...
E
CVE-2012-0986 Multiple cross-site scripting (XSS) vulnerabilities in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x...
E S
CVE-2012-0987 Directory traversal vulnerability in edituser.php in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x b...
E S
CVE-2012-0988 Multiple cross-site scripting (XSS) vulnerabilities in config/dmsDefaults.php in KnowledgeTree 3.7.0...
E
CVE-2012-0989 Cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial Edition build231211 and possi...
E
CVE-2012-0990 Cross-site request forgery (CSRF) vulnerability in admin/settings/update in DClassifieds 0.1 final a...
E S
CVE-2012-0991 Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to re...
E S
CVE-2012-0992 interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitra...
E S
CVE-2012-0993 Eval injection vulnerability in zp-core/zp-extensions/viewer_size_image.php in ZENphoto 1.4.2, when ...
E S
CVE-2012-0994 SQL injection vulnerability in the Manage Albums feature in zp-core/admin-albumsort.php in ZENphoto ...
E S
CVE-2012-0995 Multiple cross-site scripting (XSS) vulnerabilities in ZENphoto 1.4.2 allow remote attackers to inje...
E S
CVE-2012-0996 Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote attackers...
E
CVE-2012-0997 Cross-site request forgery (CSRF) vulnerability in admin/index.php in 11in1 1.2.1 stable 12-31-2011 ...
E
CVE-2012-0998 Directory traversal vulnerability in account/preferences.php in LEPTON before 1.1.4 allows remote at...
E S
CVE-2012-0999 SQL injection vulnerability in modules/news/rss.php in LEPTON before 1.1.4 allows remote attackers t...
E S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.