CVE-2012-1xxx

There are 872 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2012-1000 Multiple cross-site scripting (XSS) vulnerabilities in LEPTON 1.1.3 and other versions before 1.1.4 ...
E S
CVE-2012-1001 Multiple cross-site scripting (XSS) vulnerabilities in Chyrp before 2.1.2 and before 2.5 Beta 2 allo...
E S
CVE-2012-1002 SQL injection vulnerability in author/edit.php in OpenConf 4.x before 4.12 allows remote attackers t...
E
CVE-2012-1003 Multiple integer overflows in Opera 11.60 and earlier allow remote attackers to cause a denial of se...
E
CVE-2012-1004 Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm in Foswiki before 1.1.5 allow ...
CVE-2012-1005 Multiple cross-site scripting (XSS) vulnerabilities in Sphinx Software Mobile Web Server 3.1.2.47 al...
CVE-2012-1006 Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote a...
CVE-2012-1007 Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote attackers t...
E
CVE-2012-1008 OfficeSIP Server 3.1 allows remote attackers to cause a denial of service (daemon crash) via a craft...
E
CVE-2012-1009 NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote attackers to...
E
CVE-2012-1010 Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin before 1.1.8 for Wor...
E
CVE-2012-1011 actions.php in the AllWebMenus plugin 1.1.8 for WordPress allows remote attackers to bypass intended...
E S
CVE-2012-1012 server/server_stubs.c in the kadmin protocol implementation in MIT Kerberos 5 (aka krb5) 1.10 before...
CVE-2012-1013 The check_1_6_dummy function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5...
E S
CVE-2012-1014 The process_as_req function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x...
S
CVE-2012-1015 The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5...
S
CVE-2012-1016 The pkinit_server_return_padata function in plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implem...
S
CVE-2012-1017 Multiple SQL injection vulnerabilities in base_qry_main.php in Basic Analysis and Security Engine (B...
E
CVE-2012-1018 Cross-site scripting (XSS) vulnerability in includes/convert.php in D-Mack Media Currency Converter ...
E
CVE-2012-1019 Multiple cross-site scripting (XSS) vulnerabilities in XWiki Enterprise 3.4 allow remote attackers t...
E
CVE-2012-1020 Multiple cross-site scripting (XSS) vulnerabilities in login.php in NexorONE Online Banking allow re...
E
CVE-2012-1021 Cross-site scripting (XSS) vulnerability in admin/categories.php in 4images 1.7.10 allows remote att...
E
CVE-2012-1022 SQL injection vulnerability in admin/categories.php in 4images 1.7.10 allows remote attackers to execute ar...
E
CVE-2012-1023 Open redirect vulnerability in admin/index.php in 4images 1.7.10 allows remote attackers to redirect...
E
CVE-2012-1024 Directory traversal vulnerability in file in Enigma2 Webinterface 1.5rc1 and 1.5beta4 allows remote ...
E
CVE-2012-1025 Absolute path traversal vulnerability in file in Enigma2 Webinterface 1.6.0 through 1.6.8, 1.6rc3, a...
E
CVE-2012-1026 Multiple SQL injection vulnerabilities in login2.php in XRay CMS 1.1.1 allow remote attackers to exe...
E
CVE-2012-1027 Cross-site scripting (XSS) vulnerability in account-closed.tcl in ]project-open[ (aka ]po[) 3.4.x, 3...
E
CVE-2012-1028 Cross-site scripting (XSS) vulnerability in bin/index.php in SimpleGroupware 0.742 and other version...
E
CVE-2012-1029 SQL injection vulnerability in mobile/search/index.php in Tube Ace (Adult PHP Tube Script) 1.6 allow...
E
CVE-2012-1030 Cross-site scripting (XSS) vulnerability in DotNetNuke 6.x through 6.0.2 allows user-assisted remote...
CVE-2012-1031 Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Form...
CVE-2012-1032 Cross-site scripting (XSS) vulnerability in the Euroling SiteSeeker module 3.x before 3.4.5 for EPiS...
CVE-2012-1033 The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS reco...
CVE-2012-1034 Multiple cross-site scripting (XSS) vulnerabilities in the admin interface in EPiServer CMS through ...
CVE-2012-1035 AdaCore Ada Web Services (AWS) before 2.10.2 computes hash values for form parameters without restri...
CVE-2012-1036 Cross-site scripting (XSS) vulnerability in the telerik HTML editor in DotNetNuke before 5.6.4 and 6...
CVE-2012-1037 PHP remote file inclusion vulnerability in front/popup.php in GLPI 0.78 through 0.80.61 allows remot...
CVE-2012-1038 Cross-site scripting (XSS) vulnerability in the WebAAA login functionality (wba_login.html) in Junip...
CVE-2012-1039 Multiple cross-site scripting (XSS) vulnerabilities in Dotclear before 2.4.2 allow remote attackers ...
E S
CVE-2012-1046 Cross-site scripting (XSS) vulnerability in TM1 Web in IBM Cognos TM1 9.5.2 FP1 allows remote attack...
CVE-2012-1047 Directory traversal vulnerability in the WWWHELP Service (js/html/wwhelp.htm) in Cyberoam Central Co...
E
CVE-2012-1048 Cross-site scripting (XSS) vulnerability in communityplusplus/www/administrator.php in eFront Commun...
E
CVE-2012-1049 Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ADManager Plus 5.2 Build 5210 al...
E
CVE-2012-1050 Directory traversal vulnerability in Mathopd 1.4.x and 1.5.x before 1.5p7, when configured with the ...
CVE-2012-1051 Heap-based buffer overflow in Xjp2.dll in the JPEG2000 plug-in in XnView 1.98.5 allows remote attack...
CVE-2012-1052 Buffer overflow in IvanView 1.2.15 allows remote attackers to execute arbitrary code via a JPEG2000 ...
CVE-2012-1053 The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2....
CVE-2012-1054 Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x...
CVE-2012-1055 Heap-based buffer overflow in PhotoLine 17.01 and possibly other versions before 17.02 allows remote...
CVE-2012-1056 The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal does not properly e...
S
CVE-2012-1057 Cross-site request forgery (CSRF) vulnerability in the clickthrough tracking functionality in the Fo...
S
CVE-2012-1058 Cross-site request forgery (CSRF) vulnerability in Flyspray 0.9.9.6 allows remote attackers to hijac...
E
CVE-2012-1059 Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Shop/Application/Cart/pages/main...
E
CVE-2012-1060 Multiple cross-site scripting (XSS) vulnerabilities in revisioning_theme.inc in the Taxonomy module ...
E S
CVE-2012-1061 SQL injection vulnerability in GForge Advanced Server 6.0.0 and other versions before 6.0.1 allows r...
CVE-2012-1062 Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Applications Manager 9.x and 10....
E
CVE-2012-1063 Multiple SQL injection vulnerabilities in ManageEngine Applications Manager 9.x and 10.x allow remot...
E
CVE-2012-1064 Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer SmartSuite Framework 4.x and R...
CVE-2012-1065 Insecure method vulnerability in TuxScripting.dll in the TuxSystem ActiveX control in 2X Application...
CVE-2012-1066 Cross-site scripting (XSS) vulnerability in the template module in SmartyCMS 0.9.4 allows remote att...
E
CVE-2012-1067 SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attack...
CVE-2012-1068 Cross-site scripting (XSS) vulnerability in the rc_ajax function in core.php in the WP-RecentComment...
CVE-2012-1069 Cross-site scripting (XSS) vulnerability in module/kb/search_word in the search module in lknSupport...
E
CVE-2012-1070 Cross-site scripting (XSS) vulnerability in the Modern FAQ (irfaq) extension 1.1.2 and other version...
CVE-2012-1071 SQL injection vulnerability in the Kitchen recipe (mv_cooking) extension before 0.4.1 for TYPO3 allo...
CVE-2012-1072 SQL injection vulnerability in the Category-System (toi_category) extension 0.6.0 and earlier for TY...
CVE-2012-1073 Cross-site scripting (XSS) vulnerability in the Category-System (toi_category) extension 0.6.0 and e...
CVE-2012-1074 SQL injection vulnerability in the White Papers (mm_whtppr) extension 0.0.4 and earlier for TYPO3 al...
CVE-2012-1075 SQL injection vulnerability in the Documents download (rtg_files) extension before 1.5.2 for TYPO3 a...
CVE-2012-1076 Cross-site scripting (XSS) vulnerability in the Documents download (rtg_files) extension before 1.5....
CVE-2012-1077 SQL injection vulnerability in the Post data records to facebook (bc_post2facebook) extension before...
CVE-2012-1078 The System Utilities (sysutils) extension 1.0.3 and earlier for TYPO3 allows remote attackers to obt...
CVE-2012-1079 Unspecified vulnerability in the Webservices for TYPO3 (typo3_webservice) extension before 0.3.8 for...
CVE-2012-1080 Cross-site scripting (XSS) vulnerability in the Euro Calculator (skt_eurocalc) extension 0.0.1 allow...
CVE-2012-1081 Cross-site scripting (XSS) vulnerability in the Yet another Google search (ya_googlesearch) extensio...
S
CVE-2012-1082 Cross-site scripting (XSS) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and ea...
CVE-2012-1083 Cross-site request forgery (CSRF) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2...
CVE-2012-1084 Cross-site scripting (XSS) vulnerability in the BE User Switch (beuserswitch) extension 0.0.1 for TY...
CVE-2012-1085 Unspecified vulnerability in the BE User Switch (beuserswitch) extension 0.0.1 for TYPO3 allows remo...
CVE-2012-1086 Cross-site scripting (XSS) vulnerability in the UrlTool (aeurltool) extension 0.1.0 for TYPO3 allows...
CVE-2012-1087 Cross-site scripting (XSS) vulnerability in the Post data records to facebook (bc_post2facebook) ext...
S
CVE-2012-1088 iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temp...
CVE-2012-1089 Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows...
CVE-2012-1090 The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to ca...
S
CVE-2012-1091 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-1410. Reason: This candida...
R
CVE-2012-1092 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-1410. Reason: This candida...
R
CVE-2012-1093 The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack t...
E
CVE-2012-1094 JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can ...
CVE-2012-1095 osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitra...
CVE-2012-1096 NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys w...
CVE-2012-1097 The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the...
S
CVE-2012-1098 Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, a...
CVE-2012-1099 Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_options_helper.r...
CVE-2012-1100 Red Hat JBoss Operations Network (JON) 3.0.x before 3.0.1, 2.4.2, and earlier, when LDAP authenticat...
CVE-2012-1101 systemd 37-1 does not properly handle non-existent services, which causes a denial of service (failu...
S
CVE-2012-1102 It was discovered that the XML::Atom Perl module before version 0.39 did not disable external entiti...
E
CVE-2012-1103 emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted ...
E S
CVE-2012-1104 A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the...
CVE-2012-1105 An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in th...
S
CVE-2012-1106 The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly 2.0.8 and earlier, does not p...
E S
CVE-2012-1107 The analyzeCurrent function in ape/apeproperties.cpp in TagLib 1.7 and earlier allows context-depend...
E S
CVE-2012-1108 The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier allows remote attackers to cause...
E S
CVE-2012-1109 mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing #iferror magic function...
S
CVE-2012-1110 Multiple cross-site scripting (XSS) vulnerabilities in Etano 1.22 and earlier allow remote attackers...
CVE-2012-1111 lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which ...
E
CVE-2012-1112 Directory traversal vulnerability in Open-Realty CMS 2.5.8 and earlier allows remote attackers to in...
E
CVE-2012-1113 Multiple cross-site scripting (XSS) vulnerabilities in the administration subsystem in Gallery 2 bef...
CVE-2012-1114 A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filte...
CVE-2012-1115 A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the expor...
CVE-2012-1116 SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 allows remote attackers to execu...
CVE-2012-1117 Cross-site scripting (XSS) vulnerability in Joomla! 2.5.0 and 2.5.1 allows remote attackers to injec...
CVE-2012-1118 The access_has_bug_level function in core/access_api.php in MantisBT before 1.2.9 does not properly ...
E S
CVE-2012-1119 MantisBT before 1.2.9 does not audit when users copy or clone a bug report, which makes it easier fo...
E S
CVE-2012-1120 The SOAP API in MantisBT before 1.2.9 does not properly enforce the bugnote_allow_user_edit_delete a...
S
CVE-2012-1121 MantisBT before 1.2.9 does not properly check permissions, which allows remote authenticated users w...
E S
CVE-2012-1122 bug_actiongroup.php in MantisBT before 1.2.9 does not properly check the report_bug_threshold permis...
E S
CVE-2012-1123 The mci_check_login function in api/soap/mc_api.php in the SOAP API in MantisBT before 1.2.9 allows ...
S
CVE-2012-1124 SQL injection vulnerability in search.php in phxEventManager 2.0 beta 5 allows remote attackers to e...
E
CVE-2012-1125 Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting ...
E
CVE-2012-1126 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1127 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1128 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1129 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1130 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1131 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit...
CVE-2012-1132 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1133 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1134 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1135 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1136 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1137 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1138 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1139 Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and othe...
CVE-2012-1140 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1141 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1142 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1143 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1144 FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows re...
CVE-2012-1145 spacewalk-backend in Red Hat Network Satellite 5.4 on Red Hat Enterprise Linux 6 does not properly a...
CVE-2012-1146 The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 ...
E S
CVE-2012-1147 readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service ...
CVE-2012-1148 Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-de...
S
CVE-2012-1149 Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier...
S
CVE-2012-1150 Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash valu...
E S
CVE-2012-1151 Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module ...
CVE-2012-1152 Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML (ak...
CVE-2012-1153 Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and ea...
E
CVE-2012-1154 mod_cluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Applicatio...
CVE-2012-1155 Moodle has a database activity export permission issue where the export function of the database act...
S
CVE-2012-1156 Moodle before 2.2.2 has users' private files included in course backups...
S
CVE-2012-1157 Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable ...
S
CVE-2012-1158 Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden gr...
S
CVE-2012-1159 Moodle before 2.2.2: Overview report allows users to see hidden courses...
S
CVE-2012-1160 Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscri...
S
CVE-2012-1161 Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search result...
S
CVE-2012-1162 Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote ...
E
CVE-2012-1163 Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers ...
CVE-2012-1164 slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion fail...
CVE-2012-1165 The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h...
CVE-2012-1166 The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attack...
CVE-2012-1167 The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2,...
CVE-2012-1168 Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the...
S
CVE-2012-1169 Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name disp...
S
CVE-2012-1170 Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are...
S
CVE-2012-1171 The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protecti...
CVE-2012-1172 The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid [ (...
E S
CVE-2012-1173 Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arb...
CVE-2012-1174 The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when...
E S
CVE-2012-1175 Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows r...
CVE-2012-1176 Buffer overflow in the fribidi_utf8_to_unicode function in PyFriBidi before 0.11.0 allows remote att...
CVE-2012-1177 libgdata before 0.10.2 and 0.11.x before 0.11.1 does not validate SSL certificates, which allows rem...
CVE-2012-1178 The msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin befor...
CVE-2012-1179 The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial of service ...
CVE-2012-1180 Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP serve...
S
CVE-2012-1181 fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the Fc...
S
CVE-2012-1182 The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does ...
CVE-2012-1183 Stack-based buffer overflow in the milliwatt_generate function in the Miliwatt application in Asteri...
S
CVE-2012-1184 Stack-based buffer overflow in the ast_parse_digest function in main/utils.c in Asterisk 1.8.x befor...
CVE-2012-1185 Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and...
S
CVE-2012-1186 Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier a...
S
CVE-2012-1187 Bitlbee does not drop extra group privileges correctly in unix.c...
CVE-2012-1188 Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers ...
E S
CVE-2012-1189 Stack-based buffer overflow in modules/graphic/ssgraph/grsound.cpp in The Open Racing Car Simulator ...
E S
CVE-2012-1190 Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js...
E S
CVE-2012-1191 The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites cached server names and TTL v...
E
CVE-2012-1192 The resolver in Unbound before 1.4.11 overwrites cached server names and TTL values in NS records du...
CVE-2012-1193 The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites cached server names and TTL val...
E
CVE-2012-1194 The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached ...
E
CVE-2012-1195 Unrestricted file upload vulnerability in andesk/managementsuite/core/core.anonymous/ServerSetup.asm...
CVE-2012-1196 Directory traversal vulnerability in the VulCore web service (WSVulnerabilityCore/VulCore.asmx) in L...
CVE-2012-1197 Integer overflow in the IDE_ACDStd.apl module for ACDSee 14.1 Build 137 allows remote attackers to e...
CVE-2012-1198 base_ag_main.php in Basic Analysis and Security Engine (BASE) 1.4.5 allows remote attackers to execu...
E
CVE-2012-1199 Multiple PHP remote file inclusion vulnerabilities in Basic Analysis and Security Engine (BASE) 1.4....
E
CVE-2012-1200 Multiple PHP remote file inclusion vulnerabilities in Nova CMS allow remote attackers to execute arb...
E
CVE-2012-1203 Cross-site request forgery (CSRF) vulnerability in starnet/index.php in SyndeoCMS 3.0 and earlier al...
E
CVE-2012-1205 PHP remote file inclusion vulnerability in relocate-upload.php in Relocate Upload plugin before 0.20...
E S
CVE-2012-1206 Multiple integer overflows in Hancom Office 2010 SE 8.5.5 allow remote attackers to execute arbitrar...
CVE-2012-1207 Directory traversal vulnerability in frontend/core/engine/javascript.php in Fork CMS 3.2.4 and possi...
E S
CVE-2012-1208 Multiple cross-site scripting (XSS) vulnerabilities in backend/core/engine/base.php in Fork CMS 3.2....
E S
CVE-2012-1209 Cross-site scripting (XSS) vulnerability in backend/core/engine/base.php in Fork CMS 3.2.4 and possi...
E S
CVE-2012-1210 SQL injection vulnerability in pfile/file.php in Powie pFile 1.02 allows remote attackers to execute...
E
CVE-2012-1211 Cross-site scripting (XSS) vulnerability in pfile/kommentar.php in Powie pFile 1.02 allows remote at...
E
CVE-2012-1212 Cross-site scripting (XSS) vulnerability in the smwfOnSfSetTargetName function in extensions/SMWHalo...
E
CVE-2012-1213 Cross-site scripting (XSS) vulnerability in zimbra/h/calendar in Zimbra Web Client in Zimbra Collabo...
E
CVE-2012-1214 Cross-site scripting (XSS) vulnerability in the Add friends module in Yoono Desktop Application befo...
E
CVE-2012-1215 Cross-site scripting (XSS) vulnerability in the Add friends module in the Yoono extension before 7.7...
E
CVE-2012-1216 Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in PBBoard 2.1.4 allow remot...
E
CVE-2012-1217 Multiple cross-site scripting (XSS) vulnerabilities in STHS v2 Web Portal 2.2 allow remote attackers...
E
CVE-2012-1218 Multiple SQL injection vulnerabilities in freelancerKit 2.35 allow remote attackers to execute arbit...
CVE-2012-1219 Multiple cross-site scripting (XSS) vulnerabilities in freelancerKit 2.35 allow remote attackers to ...
CVE-2012-1220 Cross-site request forgery (CSRF) vulnerability in modules/config/admin_utente.php in GAzie 5.20 and...
E
CVE-2012-1221 Directory traversal vulnerability in the telnet server in RabidHamster R2/Extreme 1.65 and earlier a...
E
CVE-2012-1222 Stack-based buffer overflow in RabidHamster R2/Extreme 1.65 and earlier allows remote authenticated ...
E
CVE-2012-1223 RabidHamster R2/Extreme 1.65 and earlier uses a small search space of values for the PIN number, whi...
E
CVE-2012-1224 Cross-site scripting (XSS) vulnerability in system/classes/login.php in ContentLion Alpha 1.3 allows...
E
CVE-2012-1225 Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenti...
E
CVE-2012-1226 Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to r...
E
CVE-2012-1227 Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in pluck 4.7 allow remote at...
E
CVE-2012-1234 SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to...
S
CVE-2012-1235 Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote au...
S
CVE-2012-1236 Multiple cross-site request forgery (CSRF) vulnerabilities in Janetter before 3.3.0.0 (aka 3.3.0) al...
CVE-2012-1237 Cross-site request forgery (CSRF) vulnerability in SENCHA SNS before 1.0.2 allows remote attackers t...
S
CVE-2012-1238 Session fixation vulnerability in SENCHA SNS before 1.0.2 allows remote attackers to hijack web sess...
S
CVE-2012-1239 The TopAccess web-based management interface on TOSHIBA TEC e-Studio multi-function peripheral (MFP)...
CVE-2012-1240 Cross-site scripting (XSS) vulnerability in the RECRUIT Dokodemo Rikunabi 2013 extension before 1.0....
CVE-2012-1241 GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 does not properly restrict inte...
CVE-2012-1242 Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ic...
CVE-2012-1243 The TwitRocker2 application before 1.0.23 for Android does not properly implement the WebView class,...
CVE-2012-1244 The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly verify X.509 ...
CVE-2012-1245 Cross-site scripting (XSS) vulnerability in the cleanup_urls function in forum/utils/html.py in OSQA...
CVE-2012-1246 Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier might allow remote att...
CVE-2012-1247 Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier, when Internet Explore...
CVE-2012-1248 app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-...
CVE-2012-1249 The iLunascape application 1.0.4.0 and earlier for Android does not properly implement the WebView c...
CVE-2012-1250 Logitec LAN-W300N/R routers with firmware before 2.27 do not properly restrict login access, which a...
CVE-2012-1251 Opera before 9.63 does not properly verify X.509 certificates from SSL servers, which allows man-in-...
CVE-2012-1252 Cross-site scripting (XSS) vulnerability in RSSOwl before 2.1.1 allows remote attackers to inject ar...
CVE-2012-1253 Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is ...
CVE-2012-1254 Cross-site scripting (XSS) vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to in...
CVE-2012-1255 SQL injection vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to execute arbitra...
CVE-2012-1256 The single sign-on (SSO) implementation in EasyVista before 2010.1.1.89 allows remote attackers to b...
CVE-2012-1257 Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sens...
CVE-2012-1258 cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.1989...
E
CVE-2012-1259 Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer ...
E
CVE-2012-1260 Cross-site scripting (XSS) vulnerability in cgi-bin/userprefs.cgi in Plixer International Scrutinize...
E
CVE-2012-1261 Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusions.cgi in Plixer International ...
E
CVE-2012-1262 Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5....
E S
CVE-2012-1264 Unspecified vulnerability in Gretech GOM Media Player before 2.1.37.5091 allows remote attackers to ...
CVE-2012-1288 The UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock device uses hardcoded credentials for an ad...
CVE-2012-1289 Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users t...
E
CVE-2012-1290 Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b...
CVE-2012-1291 Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7...
CVE-2012-1292 Unspecified vulnerability in the MessagingSystem servlet in SAP NetWeaver 7.0 allows remote attacker...
CVE-2012-1293 Multiple cross-site scripting (XSS) vulnerabilities in fup in Frams' Fast File EXchange (F*EX, aka f...
E S
CVE-2012-1294 SQL injection vulnerability in CONTIMEX Impulsio CMS allows remote attackers to execute arbitrary SQ...
E
CVE-2012-1296 Multiple cross-site scripting (XSS) vulnerabilities in apps/admin/handlers/preview.php in Elefant CM...
CVE-2012-1297 Multiple cross-site request forgery (CSRF) vulnerabilities in main.php in Contao (formerly TYPOlight...
E
CVE-2012-1301 The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to proxy requests on their behalf...
CVE-2012-1302 Multiple cross-site scripting (XSS) vulnerabilities in amMap 2.6.3 allow remote attackers to inject ...
E
CVE-2012-1303 Multiple cross-site scripting (XSS) vulnerabilities in amCharts Flash 1 allow remote attackers to in...
E
CVE-2012-1308 Cross-site request forgery (CSRF) vulnerability in redpass.cgi in D-Link DSL-2640B Firmware EU_4.00 ...
E
CVE-2012-1310 Memory leak in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attacke...
CVE-2012-1311 The RSVP feature in Cisco IOS 15.0 and 15.1 and IOS XE 3.2.xS through 3.4.xS before 3.4.2S, when a V...
CVE-2012-1312 The MACE feature in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (de...
CVE-2012-1313 The remote debug shell on the PALO adapter card in Cisco Unified Computing System (UCS) allows local...
CVE-2012-1314 The WAAS Express feature in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of ser...
CVE-2012-1315 Memory leak in the SIP inspection feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, ...
CVE-2012-1316 Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to ...
CVE-2012-1317 The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial...
CVE-2012-1324 Race condition in the Zone-Based Firewall in Cisco IOS 15.1 and 15.2, when IPS policies are configur...
CVE-2012-1326 Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraint...
CVE-2012-1327 dot11t/t_if_dot11_hal_ath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 allows remote attackers to cause...
CVE-2012-1328 Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloa...
CVE-2012-1335 Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB thr...
CVE-2012-1336 Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB thr...
CVE-2012-1337 Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB thr...
CVE-2012-1338 Cisco IOS 15.0 and 15.1 on Catalyst 3560 and 3750 series switches allows remote authenticated users ...
CVE-2012-1339 The Fabric Interconnect component in Cisco Unified Computing System (UCS) 2.0 allows remote attacker...
CVE-2012-1340 The Fibre Channel over IP (FCIP) implementation in Cisco MDS NX-OS 4.2 and 5.2 on MDS 9000 series sw...
CVE-2012-1342 Cisco Carrier Routing System (CRS) 3.9, 4.0, and 4.1 allows remote attackers to bypass ACL entries v...
CVE-2012-1344 Cisco IOS 15.1 and 15.2, when a clientless SSL VPN is configured, allows remote authenticated users ...
CVE-2012-1346 Cisco Emergency Responder 8.6 and 9.2 allows remote attackers to cause a denial of service (CPU cons...
CVE-2012-1348 Cisco Wide Area Application Services (WAAS) appliances with software 4.4, 5.0, and 5.1 include a one...
CVE-2012-1350 Cisco IOS 12.3 and 12.4 on Aironet access points allows remote attackers to cause a denial of servic...
CVE-2012-1357 The igmp_snoop_orib_fill_source_update function in the IGMP process in NX-OS 5.0 and 5.1 on Cisco Ne...
CVE-2012-1361 Cisco IOS 15.1 and 15.2, when the Multicast Music-on-Hold (MMoH) feature of Cisco Unified Communicat...
CVE-2012-1364 Cisco Unified Computing System (UCS) 1.4 and 2.0 allows remote authenticated users to cause a denial...
CVE-2012-1365 Cisco Unified Computing System (UCS) 1.4 and 2.0 allows remote authenticated users to cause a denial...
CVE-2012-1366 Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is ...
CVE-2012-1367 The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and 15.2 allows remote attackers ...
E
CVE-2012-1370 Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 allows remote authenticated users to ca...
CVE-2012-1380 Unspecified vulnerability in the NetEaseWeibo (com.netease.wb) application 1.2.1 and 1.2.2 for Andro...
CVE-2012-1381 Unspecified vulnerability in the NetEase CloudAlbum (com.netease.cloudalbum) application 2.0.0 and 2...
CVE-2012-1382 Unspecified vulnerability in the Youdao Dictionary (com.youdao.dict) application 1.6.1, 2.0.1(2), an...
CVE-2012-1383 Unspecified vulnerability in the NetEase Reader (com.netease.pris) application 1.1.2 and 1.2.0 for A...
CVE-2012-1384 Unspecified vulnerability in the NetEase Pmail (com.netease.rpmms) application 0.5.0 and 0.5.2 for A...
CVE-2012-1385 Unspecified vulnerability in the NetEase WeiboHD (com.netease.wbhd) application 1.0.0 for Android ha...
CVE-2012-1386 Unspecified vulnerability in the YouMail Visual Voicemail Plus (com.youmail.android.vvm) application...
CVE-2012-1387 Unspecified vulnerability in the RealTalk (com.tmsmanager.tms) application A.0.9.250 for Android has...
CVE-2012-1388 Unspecified vulnerability in the XiXunTianTian (com.xixun.tiantian) application 0.6.2 beta for Andro...
CVE-2012-1389 Unspecified vulnerability in the Di Long Weibo (com.icekirin.weibos) application 1.9.9 for Android h...
CVE-2012-1390 Unspecified vulnerability in the Miso (com.bazaarlabs.miso) application 2.2 for Android has unknown ...
CVE-2012-1391 Unspecified vulnerability in the mOffice - Outlook sync (com.innov8tion.isharesync) application 3.1 ...
CVE-2012-1392 Unspecified vulnerability in the Dolphin Browser HD (mobi.mgeek.TunnyBrowser) application 6.2.0, 7.2...
CVE-2012-1393 Unspecified vulnerability in the GO SMS Pro (com.jb.gosms) application 3.72, 4.10, and 4.35 for Andr...
CVE-2012-1394 Unspecified vulnerability in the GO Email Widget (com.gau.go.launcherex.gowidget.emailwidget) applic...
CVE-2012-1395 Unspecified vulnerability in the GO TwiWidget (com.gau.go.launcherex.gowidget.twitterwidget) applica...
CVE-2012-1396 Unspecified vulnerability in the GO FBWidget (com.gau.go.launcherex.gowidget.fbwidget) application 1...
CVE-2012-1397 Unspecified vulnerability in the GO QQWeiboWidget (com.gau.go.launcherex.gowidget.qqweibowidget) app...
CVE-2012-1398 Unspecified vulnerability in the GO WeiboWidget (com.gau.go.launcherex.gowidget.weibowidget) applica...
CVE-2012-1399 Unspecified vulnerability in the U+Box 2.0 (lg.uplusbox) application 2.0.2 and 2.0.8.4 for Android h...
CVE-2012-1400 Unspecified vulnerability in the U+Box 2.0 Pad (lg.uplusbox.pad) application 2.0.8.4 for Android has...
CVE-2012-1401 Unspecified vulnerability in the CamScanner (com.intsig.camscanner) application 1.2.2.20110823 and 1...
CVE-2012-1402 Unspecified vulnerability in the QianXun YingShi (com.qianxun.yingshi) application 1.2.3 and 1.3.4 f...
CVE-2012-1403 Unspecified vulnerability in the Dolphin Browser CN (com.dolphin.browser.cn) application 6.3.1 and 7...
CVE-2012-1404 Unspecified vulnerability in the Dolphin Browser Mini (com.dolphin.browser) application 2.2 for Andr...
CVE-2012-1405 Unspecified vulnerability in the GO Note Widget (com.gau.go.launcherex.gowidget.notewidget) applicat...
CVE-2012-1406 Unspecified vulnerability in the GO Bookmark Widget (com.gau.go.launcherex.gowidget.bookmark) applic...
CVE-2012-1407 Unspecified vulnerability in the GO Message Widget (com.gau.go.launcherex.gowidget.smswidget) applic...
CVE-2012-1408 Unspecified vulnerability in the App Lock (com.cc.applock) application 1.7.5 and 1.7.6 for Android h...
CVE-2012-1409 Unspecified vulnerability in the Tiny Password (com.tinycouch.android.freepassword) application 1.64...
CVE-2012-1410 Multiple cross-site scripting (XSS) vulnerabilities in the History Window implementation in Kadu 0.9...
E S
CVE-2012-1413 Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_...
CVE-2012-1414 Cross-site request forgery (CSRF) vulnerability in manager/news.php in Plume CMS 1.2.4 and earlier a...
E
CVE-2012-1415 Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and earlier al...
E
CVE-2012-1416 Multiple cross-site request forgery (CSRF) vulnerabilities in SocialCMS 1.0.2 allow remote attackers...
E
CVE-2012-1417 Multiple cross-site scripting (XSS) vulnerabilities in Local Phone book and Blacklist form in Yealin...
E
CVE-2012-1418 Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.60 on the Acer AC700, Samsung ...
CVE-2012-1419 The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attacker...
CVE-2012-1420 The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Anti...
CVE-2012-1421 The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, Rising Antivi...
CVE-2012-1422 The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, NOD32 Antivirus 5795, Norman Antivirus ...
CVE-2012-1423 The TAR file parser in Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4...
CVE-2012-1424 The TAR file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Jiangmin An...
CVE-2012-1425 The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat Qui...
CVE-2012-1426 The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Anti...
CVE-2012-1427 The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos An...
CVE-2012-1428 The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos An...
CVE-2012-1429 The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe ...
CVE-2012-1430 The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9...
CVE-2012-1431 The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0...
CVE-2012-1432 The Microsoft EXE file parser in Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utiliti...
CVE-2012-1433 The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5....
CVE-2012-1434 The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5....
CVE-2012-1435 The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5....
CVE-2012-1436 The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5....
CVE-2012-1437 The Microsoft Office file parser in Comodo Antivirus 7425 allows remote attackers to bypass malware ...
CVE-2012-1438 The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote...
CVE-2012-1439 The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, a...
CVE-2012-1440 The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, ...
CVE-2012-1441 The Microsoft EXE file parser in eSafe 7.0.17.0 and Prevx 3.0 allows remote attackers to bypass malw...
CVE-2012-1442 The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400...
CVE-2012-1443 The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 1...
CVE-2012-1444 The ELF file parser in eSafe 7.0.17.0, Prevx 3.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus ...
CVE-2012-1445 The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, a...
CVE-2012-1446 The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400...
CVE-2012-1447 The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda A...
CVE-2012-1448 The CAB file parser in Quick Heal (aka Cat QuickHeal) 11.00, Trend Micro AntiVirus 9.120.0.1004, Ika...
CVE-2012-1449 The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers...
CVE-2012-1450 The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Sophos Anti-Virus 4.61.0, and Ikarus Virus Uti...
CVE-2012-1451 The CAB file parser in Emsisoft Anti-Malware 5.1.0.1 and Ikarus Virus Utilities T3 Command Line Scan...
CVE-2012-1452 The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner...
CVE-2012-1453 The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus ...
CVE-2012-1454 The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010....
CVE-2012-1455 The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers...
CVE-2012-1456 The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Anti...
CVE-2012-1457 The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.13...
CVE-2012-1458 The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers ...
CVE-2012-1459 The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy La...
CVE-2012-1460 The Gzip file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Command An...
CVE-2012-1461 The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Ems...
CVE-2012-1462 The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick ...
CVE-2012-1463 The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka C...
CVE-2012-1464 Dashboard Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the ins...
E
CVE-2012-1465 Stack-based buffer overflow in the HTTP Server in NetMechanica NetDecision before 4.6.1 allows remot...
E
CVE-2012-1466 The Traffic Grapher Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obta...
E
CVE-2012-1467 Multiple directory traversal vulnerabilities in the iBrowser plugin library, as used in Open Journal...
E
CVE-2012-1468 Incomplete blacklist vulnerability in Open Journal Systems before 2.3.7 allows remote authenticated ...
E
CVE-2012-1469 Multiple cross-site scripting (XSS) vulnerabilities in Open Journal Systems before 2.3.7 allow remot...
E
CVE-2012-1470 Multiple cross-site scripting (XSS) vulnerabilities in code_editor.php in ocPortal before 7.1.6 allo...
E S
CVE-2012-1471 Directory traversal vulnerability in catalogue_file.php in ocPortal before 7.1.6 allows remote attac...
E S
CVE-2012-1472 VMware vCenter Chargeback Manager (aka CBM) before 2.0.1 does not properly handle XML API requests, ...
CVE-2012-1474 Unspecified vulnerability in the Youni SMS (com.snda.youni) application 2.1.0c and 2.1.0d for Androi...
CVE-2012-1475 Unspecified vulnerability in the YagattaTalk Messenger (com.iskoot.yagatta.yagattatalk) application ...
CVE-2012-1476 Unspecified vulnerability in the KKtalk (com.kkliaotian.android) application 4.0.0 and 4.1.5 for And...
CVE-2012-1477 Unspecified vulnerability in the Cnectd (mci.cnectd) application 3.1.0 for Android has unknown impac...
CVE-2012-1478 Unspecified vulnerability in the UCMobile BloveStorm (com.blovestorm) application 2.2.0 and 3.2.1 fo...
CVE-2012-1479 Unspecified vulnerability in the AContact (com.movester.quickcontact) application 1.8.2 for Android ...
CVE-2012-1480 Unspecified vulnerability in the Pansi SMS (com.pansi.msg) application 1.97, 2.01, and 2.07 for Andr...
CVE-2012-1481 Unspecified vulnerability in the Textdroid (com.app.android.textdroid) application 2.5.2 for Android...
CVE-2012-1482 Unspecified vulnerability in the TouchPal Contacts (com.cootek.smartdialer) application 3.3.1 and 4....
CVE-2012-1483 Unspecified vulnerability in the Message Forwarder (com.gmail.zbnetium) application 1.12.20110409.1 ...
CVE-2012-1484 Unspecified vulnerability in the WaliSMS CN (cn.com.wali.walisms) application 2.9.2 and 3.7.0 for An...
CVE-2012-1485 Unspecified vulnerability in the NetFront Life Browser (com.access_company.android.nflifebrowser.lit...
CVE-2012-1493 F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x ...
E S
CVE-2012-1495 install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via ...
E
CVE-2012-1496 Local file inclusion in WebCalendar before 1.2.5....
CVE-2012-1497 The default configuration of Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 suppor...
S
CVE-2012-1498 Multiple cross-site request forgery (CSRF) vulnerabilities in Webfolio CMS 1.1.4 and earlier allow r...
E
CVE-2012-1499 The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code...
CVE-2012-1500 Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows a...
E
CVE-2012-1501 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual...
R
CVE-2012-1502 Double free vulnerability in the PyPAM_conv in PAMmodule.c in PyPam 0.5.0 and earlier allows remote ...
E
CVE-2012-1503 Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Apart KK) Movable Type (MT) Pro ...
E
CVE-2012-1506 SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM...
E S
CVE-2012-1507 Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM before 2.7 allow remote attackers t...
E S
CVE-2012-1508 The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View be...
CVE-2012-1509 Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain...
CVE-2012-1510 Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1;...
CVE-2012-1511 Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows r...
CVE-2012-1512 Cross-site scripting (XSS) vulnerability in the internal browser in vSphere Client in VMware vSphere...
CVE-2012-1513 The Web Configuration tool in VMware vCenter Orchestrator (vCO) 4.0 before Update 4, 4.1 before Upda...
CVE-2012-1514 Cross-site request forgery (CSRF) vulnerability in VMware vShield Manager (vSM) 1.0.1 before Update ...
CVE-2012-1515 VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O ope...
CVE-2012-1516 The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC ...
CVE-2012-1517 The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows g...
CVE-2012-1518 VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2,...
CVE-2012-1520 WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau...
CVE-2012-1521 Use-after-free vulnerability in the XML parser in Google Chrome before 18.0.1025.168 allows remote a...
E
CVE-2012-1522 Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attack...
CVE-2012-1523 Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows rem...
CVE-2012-1524 Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attack...
CVE-2012-1525 Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Wi...
S
CVE-2012-1526 Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote ...
CVE-2012-1527 Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Win...
CVE-2012-1528 Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Wind...
CVE-2012-1529 Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execu...
CVE-2012-1530 Heap-based buffer overflow in the XSLT engine in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x bef...
S
CVE-2012-1531 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
S
CVE-2012-1532 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
S
CVE-2012-1533 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
S
CVE-2012-1534 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4167. Reason: This candida...
R
CVE-2012-1535 Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and befo...
KEV S
CVE-2012-1537 Heap-based buffer overflow in DirectPlay in DirectX 9.0 through 11.1 in Microsoft Windows XP SP2 and...
CVE-2012-1538 Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arb...
CVE-2012-1539 Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arb...
CVE-2012-1541 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2012-1543 Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows ...
CVE-2012-1544 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-1876. Reason: This candida...
R
CVE-2012-1545 Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass ...
CVE-2012-1556 Cross-site scripting (XSS) vulnerability in Synology Photo Station 5 for DiskStation Manager (DSM) 3...
E
CVE-2012-1557 SQL injection vulnerability in admin/plib/api-rpc/Agent.php in Parallels Plesk Panel 7.x and 8.x bef...
CVE-2012-1558 yaSSL CyaSSL before 2.0.8 allows remote attackers to cause a denial of service (NULL pointer derefer...
CVE-2012-1561 Cross-site scripting (XSS) vulnerability in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and ...
S
CVE-2012-1562 Joomla! core before 2.5.3 allows unauthorized password change....
CVE-2012-1563 Joomla! before 2.5.3 allows Admin Account Creation....
CVE-2012-1564 Cross-site scripting (XSS) vulnerability in administration/create_album.php in YVS Image Gallery all...
E
CVE-2012-1565 Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and 4.6 has unknown impact and at...
CVE-2012-1566 LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintNanny....
CVE-2012-1567 LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintUpdate....
E
CVE-2012-1568 The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (...
CVE-2012-1569 The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before...
E S
CVE-2012-1570 The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 overwrites cached server names and...
CVE-2012-1571 file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a craf...
E S
CVE-2012-1572 OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space...
S
CVE-2012-1573 gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle...
E
CVE-2012-1574 The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x...
CVE-2012-1575 Multiple cross-site scripting (XSS) vulnerabilities in Cumin before r5238 allow remote attackers to ...
CVE-2012-1576 The myuser_delete function in libathemecore/account.c in Atheme 5.x before 5.2.7, 6.x before 6.0.10,...
CVE-2012-1577 lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0....
CVE-2012-1578 Multiple cross-site request forgery (CSRF) vulnerabilities in MediaWiki 1.17.x before 1.17.3 and 1.1...
CVE-2012-1579 The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 includes private data...
E
CVE-2012-1580 Cross-site request forgery (CSRF) vulnerability in Special:Upload in MediaWiki 1.17.x before 1.17.3 ...
CVE-2012-1581 MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak random numbers for password reset ...
CVE-2012-1582 Cross-site scripting (XSS) vulnerability in the wikitext parser in MediaWiki 1.17.x before 1.17.3 an...
CVE-2012-1583 Double free vulnerability in the xfrm6_tunnel_rcv function in net/ipv6/xfrm6_tunnel.c in the Linux k...
E S
CVE-2012-1584 Integer overflow in the mid function in toolkit/tbytevector.cpp in TagLib 1.7 and earlier allows con...
E S
CVE-2012-1585 OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of ...
E
CVE-2012-1586 mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or dir...
CVE-2012-1587 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4944. Reason: This candida...
R
CVE-2012-1588 Algorithmic complexity vulnerability in the _filter_url function in the text filtering system (modul...
S
CVE-2012-1589 Open redirect vulnerability in the Form API in Drupal 7.x before 7.13 allows remote attackers to red...
CVE-2012-1590 The forum list in Drupal 7.x before 7.14 does not properly check user permissions for unpublished fo...
E S
CVE-2012-1591 The image module in Drupal 7.x before 7.14 does not properly check permissions when caching derivati...
S
CVE-2012-1592 A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which co...
CVE-2012-1593 epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x b...
E
CVE-2012-1594 epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6.x before 1.6.6 allo...
E
CVE-2012-1595 The pcap_process_pseudo_header function in wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12 an...
CVE-2012-1596 The mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector ...
CVE-2012-1597 Cross-site scripting (XSS) vulnerability in the textEncode function in classes/ezjscajaxcontent.php ...
E S
CVE-2012-1598 Joomla! 1.5.x before 1.5.26 has unspecified impact and attack vectors related to "insufficient rando...
CVE-2012-1599 Joomla! 1.5.x before 1.5.26 does not properly check permissions, which allows attackers to obtain se...
CVE-2012-1600 Multiple cross-site scripting (XSS) vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allo...
CVE-2012-1601 The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of se...
CVE-2012-1602 user.php in NextBBS 0.6 allows remote attackers to bypass authentication and gain administrator acce...
E
CVE-2012-1603 Multiple SQL injection vulnerabilities in ajaxserver.php in NextBBS 0.6 allow remote attackers to ex...
E
CVE-2012-1604 Cross-site scripting (XSS) vulnerability in NextBBS 0.6 allows remote attackers to inject arbitrary ...
E
CVE-2012-1605 The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which ...
CVE-2012-1606 Multiple cross-site scripting (XSS) vulnerabilities in the Backend component in TYPO3 4.4.0 through ...
CVE-2012-1607 The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 t...
CVE-2012-1608 The t3lib_div::RemoveXSS API method in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 throu...
CVE-2012-1609 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2012-1610 Integer overflow in the GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-4 ...
S
CVE-2012-1611 Joomla! 2.5.x before 2.5.4 does not properly check permissions, which allows attackers to obtain sen...
CVE-2012-1612 Cross-site scripting (XSS) vulnerability in the update manager in Joomla! 2.5.x before 2.5.4 allows ...
CVE-2012-1613 Cross-site scripting (XSS) vulnerability in edit_one_pic.php in Coppermine Photo Gallery before 1.5....
E S
CVE-2012-1614 Coppermine Photo Gallery before 1.5.20 allows remote attackers to obtain sensitive information via (...
E S
CVE-2012-1615 A Privilege Escalation vulnerability exists in Fedoraproject Sectool due to an incorrect DBus file....
S
CVE-2012-1616 Use-after-free vulnerability in icclib before 2.13, as used by Argyll CMS before 1.4 and possibly ot...
CVE-2012-1617 Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to ...
E S
CVE-2012-1618 Interaction error in the PostgreSQL JDBC driver before 8.2, when used with a PostgreSQL server with ...
CVE-2012-1619 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2012-1620 slock 0.9 does not properly handle the XRaiseWindow event when the screen is locked, which might all...
E S
CVE-2012-1621 Multiple cross-site scripting (XSS) vulnerabilities in Apache Open For Business Project (aka OFBiz) ...
CVE-2012-1622 Apache OFBiz 10.04.x before 10.04.02 allows remote attackers to execute arbitrary code via unspecifi...
CVE-2012-1623 The Registration Codes module before 6.x-2.4 for Drupal does not restrict access to the registration...
S
CVE-2012-1624 Multiple cross-site scripting (XSS) vulnerabilities in the Lingotek module 6.x-1.x before 6.x-1.40 f...
CVE-2012-1625 Eval injection vulnerability in the fillpdf_form_export_decode function in fillpdf.admin.inc in the ...
S
CVE-2012-1626 SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-...
S
CVE-2012-1627 Cross-site scripting (XSS) vulnerability in vud_term.module in the Vote Up/Down module 6.x-2.x befor...
S
CVE-2012-1628 Cross-site scripting (XSS) vulnerability in the SuperCron module for Drupal allows remote authentica...
CVE-2012-1629 Cross-site scripting (XSS) vulnerability in the Taxotouch module for Drupal allows remote authentica...
CVE-2012-1630 Cross-site scripting (XSS) vulnerability in the Taxonomy Navigator module for Drupal allows remote a...
CVE-2012-1631 Cross-site request forgery (CSRF) vulnerability in the Admin:hover module for Drupal allows remote a...
S
CVE-2012-1632 Cross-site scripting (XSS) vulnerability in password_policy.admin.inc in the Password Policy module ...
S
CVE-2012-1633 Cross-site request forgery (CSRF) vulnerability in the Password Policy module before 6.x-1.4 and 7.x...
E
CVE-2012-1634 Cross-site scripting (XSS) vulnerability in video_filter.codecs.inc in the Video Filter module 6.x-2...
E S
CVE-2012-1635 The hook_node_access function in the revisioning module 7.x-1.x before 7.x-1.3 for Drupal checks the...
S
CVE-2012-1636 Cross-site request forgery (CSRF) vulnerability in the stickynote module before 7.x-1.1 for Drupal a...
S
CVE-2012-1637 Cross-site scripting vulnerability (XSS) in the Quick Tabs module 6.x-2.x before 6.x-2.1, 6.x-3.x be...
CVE-2012-1638 SQL injection vulnerability in the Search Autocomplete module before 7.x-2.1 for Drupal allows remot...
S
CVE-2012-1639 Multiple cross-site scripting (XSS) vulnerabilities in product/commerce_product.module in the Drupal...
S
CVE-2012-1640 Multiple cross-site scripting (XSS) vulnerabilities in the Managesite module 6.x-1.x before 6.1-1.1 ...
S
CVE-2012-1641 The finder_import function in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before...
E S
CVE-2012-1642 includes/linkchecker.pages.inc in the Link checker module 6.x-2.x before 6.x-2.5 for Drupal does not...
S
CVE-2012-1643 The Faster Permissions module 7.x-2.x before 7.x-1.2 for Drupal does not check the "administer permi...
S
CVE-2012-1644 The Organic Groups (OG) Vocabulary module 6.x-1.x before 6.x-1.2 for Drupal allows remote authentica...
E S
CVE-2012-1645 The CDN module 6.x-2.2 and 7.x-2.2 for Drupal, when running in Origin Pull mode with the "Far Future...
S
CVE-2012-1646 Multiple cross-site scripting (XSS) vulnerabilities in the FAQ module 6.x-1.x before 6.x-1.13 and 7....
S
CVE-2012-1647 Multiple cross-site scripting (XSS) vulnerabilities in the "stand alone PHP application for the OSM ...
E S
CVE-2012-1648 Cross-site scripting (XSS) vulnerability in the Cool Aid module before 6.x-1.9 for Drupal allows rem...
CVE-2012-1649 Cool Aid module before 6.x-1.9 for Drupal does not enforce access restrictions, which allows remote ...
S
CVE-2012-1650 The ZipCart module 6.x before 6.x-1.4 for Drupal checks the "access content" permission instead of t...
S
CVE-2012-1651 Cross-site scripting (XSS) vulnerability in the Submenu Tree module before 6.x-1.5 for Drupal allows...
S
CVE-2012-1652 Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 6.x-3.x before 6.x-3.8 fo...
S
CVE-2012-1653 Cross-site scripting (XSS) vulnerability in the Taxonomy Views Integrator (TVI) module 6.x-1.x befor...
S
CVE-2012-1654 Multiple cross-site scripting (XSS) vulnerabilities in the Data module 6.x-1.x before 6.x-1.0 and 7....
S
CVE-2012-1655 Unspecified vulnerability in the UC PayDutchGroup / WeDeal payment module 6.x-1.0 for Drupal allows ...
CVE-2012-1656 SQL injection vulnerability in the Multisite Search module 6.x-2.2 for Drupal allows remote authenti...
CVE-2012-1657 Cross-site scripting (XSS) vulnerability in block_class.module in the Block Class module before 7.x-...
S
CVE-2012-1658 Cross-site scripting (XSS) vulnerability in the Read More Link module 6.x-3.x before 6.x-3.1 for Dru...
S
CVE-2012-1659 Cross-site scripting (XSS) vulnerability in the Node Recommendation module 6.x-1.x before 6.x-1.1 fo...
S
CVE-2012-1660 Multiple cross-site scripting (XSS) vulnerabilities in components/select.inc in the Webform module 6...
S
CVE-2012-1661 ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not properly prompt users before executing emb...
E
CVE-2012-1662 CA ARCserve Backup r12.0 through SP2, r12.5 before SP2, r15 through SP1, and r16 before SP1 on Windo...
CVE-2012-1663 Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows remote attackers to cause a de...
E S
CVE-2012-1664 Multiple cross-site scripting (XSS) vulnerabilities in the admin panel in osCMax before 2.5.1 allow ...
E S
CVE-2012-1665 Multiple SQL injection vulnerabilities in the admin panel in osCMax before 2.5.1 allow (1) remote at...
E
CVE-2012-1666 Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Playe...
CVE-2012-1667 ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV ...
CVE-2012-1669 Directory traversal vulnerability in index.php in phpMoneyBooks before 1.0.3 allows remote attackers...
E
CVE-2012-1670 admin/index.php in PHP Grade Book before 1.9.5 BETA allows remote attackers to read the database via...
E S
CVE-2012-1671 Directory traversal vulnerability in index.php in phpPaleo 4.8b155 and earlier allows remote attacke...
E
CVE-2012-1672 SQL injection vulnerability in getcity.php in Hotel Booking Portal 0.1 allows remote attackers to ex...
E
CVE-2012-1673 SQL injection vulnerability in loginscript.php in e-ticketing allows remote attackers to execute arb...
E
CVE-2012-1674 Unspecified vulnerability in the Siebel Clinical component in Oracle Industry Applications 7.7, 7.8,...
S
CVE-2012-1675 The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3,...
E
CVE-2012-1676 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic...
CVE-2012-1677 Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion...
CVE-2012-1678 Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Produ...
CVE-2012-1679 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic...
CVE-2012-1680 Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows re...
CVE-2012-1681 Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availa...
S
CVE-2012-1682 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2012-1683 Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confid...
S
CVE-2012-1684 Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confid...
S
CVE-2012-1685 Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 allows...
S
CVE-2012-1686 Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle...
S
CVE-2012-1687 Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and ava...
S
CVE-2012-1688 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5....
CVE-2012-1689 Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows ...
CVE-2012-1690 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5....
CVE-2012-1691 Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, int...
S
CVE-2012-1692 Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability, relate...
S
CVE-2012-1693 Unspecified vulnerability in Oracle SPARC Enterprise M Series Servers XCP 1110 allows remote attacke...
S
CVE-2012-1694 Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality...
CVE-2012-1695 Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and ear...
CVE-2012-1696 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows re...
CVE-2012-1697 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows re...
CVE-2012-1698 Unspecified vulnerability in Oracle Sun Solaris 11 allows remote authenticated users to affect confi...
CVE-2012-1699 The ProcSetEventMask function in difs/events.c in the xfs font server for X.Org X11R6 through X11R6....
CVE-2012-1700 Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows re...
CVE-2012-1701 Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows re...
CVE-2012-1702 Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and ...
CVE-2012-1703 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5....
CVE-2012-1704 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic...
S
CVE-2012-1705 Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and ...
CVE-2012-1706 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic...
CVE-2012-1707 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic...
S
CVE-2012-1708 Unspecified vulnerability in the Application Express component in Oracle Database Server 4.0 and 4.1...
CVE-2012-1709 Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middl...
S
CVE-2012-1710 Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middl...
KEV S
CVE-2012-1711 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update...
CVE-2012-1712 Directory traversal vulnerability in the Liferay component in Oracle Sun GlassFish Web Space Server ...
CVE-2012-1713 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update...
CVE-2012-1714 Unspecified vulnerability in a TList 6 ActiveX control in Oracle Hyperion Financial Management 11.1....
CVE-2012-1715 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
CVE-2012-1716 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update...
CVE-2012-1717 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update...
S
CVE-2012-1718 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update...
CVE-2012-1719 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update...
CVE-2012-1720 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update...
CVE-2012-1721 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update...
CVE-2012-1722 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update...
CVE-2012-1723 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update...
KEV
CVE-2012-1724 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update...
CVE-2012-1725 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update...
CVE-2012-1726 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update...
CVE-2012-1727 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
CVE-2012-1728 Unspecified vulnerability in the Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect...
CVE-2012-1729 Unspecified vulnerability in the Hyperion BI+ component in Oracle Hyperion 11.1.1.3 and earlier allo...
CVE-2012-1730 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
CVE-2012-1731 Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect con...
CVE-2012-1732 Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to ...
CVE-2012-1733 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2012-1734 Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows ...
CVE-2012-1735 Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated user...
CVE-2012-1736 Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1 all...
CVE-2012-1737 Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Database...
CVE-2012-1738 Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite Ja...
CVE-2012-1739 Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite...
CVE-2012-1740 Unspecified vulnerability in the Oracle Application Express Listener component in Oracle Application...
CVE-2012-1741 Unspecified vulnerability in the Enterprise Manager for Fusion Middleware component in Oracle Fusion...
CVE-2012-1742 Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect ava...
S
CVE-2012-1743 Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Indu...
CVE-2012-1744 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2012-1745 Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0....
CVE-2012-1746 Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0....
CVE-2012-1747 Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0....
CVE-2012-1748 Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products ...
S
CVE-2012-1749 Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1 and...
CVE-2012-1750 Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confid...
CVE-2012-1751 Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, ...
S
CVE-2012-1752 Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability, relate...
CVE-2012-1753 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2012-1754 Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to ...
CVE-2012-1755 Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51...
CVE-2012-1756 Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated user...
CVE-2012-1757 Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated user...
CVE-2012-1758 Unspecified vulnerability in the Oracle AutoVue component in Oracle Supply Chain Products Suite 20.0...
S
CVE-2012-1759 Unspecified vulnerability in the Oracle AutoVue component in Oracle Supply Chain Products Suite 20.0...
S
CVE-2012-1760 Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect ava...
S
CVE-2012-1761 Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect int...
CVE-2012-1762 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2012-1763 Unspecified vulnerability in the Oracle Clinical/Remote Data Capture component in Oracle Industry Ap...
S
CVE-2012-1764 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2012-1765 Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via unknow...
CVE-2012-1766 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2012-1767 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2012-1768 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2012-1769 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2012-1770 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2012-1771 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2012-1772 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2012-1773 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2012-1774 Unspecified vulnerability in the Open URL feature in Gretech GOM Media Player before 2.1.39.5101 has...
S
CVE-2012-1775 Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to exe...
E
CVE-2012-1776 Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attacker...
CVE-2012-1777 SQL injection vulnerability in my.activation.php3 in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 allow...
E
CVE-2012-1778 SQL injection vulnerability in artykul_print.php in CreateVision CMS allows remote attackers to exec...
E
CVE-2012-1779 Cross-site scripting (XSS) vulnerability in IDevSpot idev-BusinessDirectory 3.0 allows remote attack...
E
CVE-2012-1780 SQL injection vulnerability in search.php in SocialCMS 1.0.5 allows remote attackers to execute arbi...
E
CVE-2012-1781 Multiple cross-site scripting (XSS) vulnerabilities in ajax/commentajax.php in SocialCMS 1.0.5 allow...
E
CVE-2012-1782 Multiple cross-site scripting (XSS) vulnerabilities in questions/ask in OSQA 3b allow remote attacke...
E
CVE-2012-1783 Tiny Server 1.1.9 and earlier allows remote attackers to cause a denial of service (crash) via a lon...
E
CVE-2012-1784 SQL injection vulnerability in MyJobList 0.1.3 allows remote attackers to execute arbitrary SQL comm...
E
CVE-2012-1785 kg_callffmpeg.php in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows re...
S
CVE-2012-1786 The Media Upload form in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allow...
S
CVE-2012-1787 Multiple cross-site scripting (XSS) vulnerabilities in wgarcmin.cgi in Webglimpse 2.20.0 and earlier...
E
CVE-2012-1788 Multiple cross-site scripting (XSS) vulnerabilities in wonderdesk.cgi in WonderDesk SQL 4.14 allow r...
E
CVE-2012-1789 Multiple cross-site scripting (XSS) vulnerabilities in Kongreg8 1.7.3 allow remote attackers to inje...
CVE-2012-1790 Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows remote attackers to read arbi...
E
CVE-2012-1792 Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Setup/Application/Install/RPC/DB...
E
CVE-2012-1795 webglimpse.cgi in Webglimpse before 2.20.0 allows remote attackers to execute arbitrary commands via...
S
CVE-2012-1796 Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 o...
CVE-2012-1797 IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has unspecified impact and attack v...
CVE-2012-1798 The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote atta...
S
CVE-2012-1799 The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with...
CVE-2012-1800 Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Se...
CVE-2012-1801 Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, Web...
CVE-2012-1802 Buffer overflow in the embedded web server on the Siemens Scalance X Industrial Ethernet switch X414...
CVE-2012-1803 RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a factory account with a password der...
E
CVE-2012-1804 The OPC server in Progea Movicon before 11.3 allows remote attackers to cause a denial of service (o...
CVE-2012-1805 Buffer overflow in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM...
CVE-2012-1806 The ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-EC...
CVE-2012-1807 Cross-site scripting (XSS) vulnerability in the web server in the ECOM Ethernet module in Koyo H0-EC...
CVE-2012-1808 The web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM1...
CVE-2012-1809 The web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM1...
CVE-2012-1810 EOSCoreScada.exe in C3-ilex EOScada before 11.0.19.2 allows remote attackers to cause a denial of se...
CVE-2012-1811 EOSDataServer.exe in C3-ilex EOScada before 11.0.19.2 allows remote attackers to cause a denial of s...
CVE-2012-1812 eosfailoverservice.exe in C3-ilex EOScada before 11.0.19.2 allows remote attackers to obtain sensiti...
CVE-2012-1813 eosfailoverservice.exe in C3-ilex EOScada before 11.0.19.2 allows remote attackers to cause a denial...
CVE-2012-1814 Cross-site scripting (XSS) vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11...
CVE-2012-1815 SQL injection vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3....
CVE-2012-1816 PORTSERV.exe in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV Pr...
CVE-2012-1817 Buffer overflow in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV...
CVE-2012-1818 An unspecified ActiveX control in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11...
CVE-2012-1819 Untrusted search path vulnerability in WellinTech KingView 6.53 allows local users to gain privilege...
S
CVE-2012-1820 The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to c...
CVE-2012-1821 The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) ...
CVE-2012-1823 sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (ak...
KEV E S
CVE-2012-1824 Untrusted search path vulnerability in Measuresoft ScadaPro Client before 4.0.0 and ScadaPro Server ...
CVE-2012-1825 Multiple cross-site scripting (XSS) vulnerabilities in the status program on the ForeScout CounterAC...
CVE-2012-1826 dotCMS 1.9 before 1.9.5.1 allows remote authenticated users to execute arbitrary Java code via a cra...
CVE-2012-1827 The web service in AutoFORM PDM Archive before 7.1 does not have authorization requirements, which a...
CVE-2012-1828 The administrative functions in AutoFORM PDM Archive before 7.1 do not have authorization requiremen...
CVE-2012-1829 Multiple cross-site scripting (XSS) vulnerabilities in AutoFORM PDM Archive before 6.920 allow remot...
CVE-2012-1830 Stack-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary...
S
CVE-2012-1831 Heap-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary ...
S
CVE-2012-1832 WellinTech KingView 6.53 allows remote attackers to execute arbitrary code or cause a denial of serv...
S
CVE-2012-1833 VMware SpringSource Grails before 1.3.8, and 2.x before 2.0.2, does not properly restrict data bindi...
E S
CVE-2012-1834 Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head function in functions.php in the ...
E S
CVE-2012-1835 Multiple cross-site scripting (XSS) vulnerabilities in the All-in-One Event Calendar plugin 1.4 and ...
E
CVE-2012-1836 Heap-based buffer overflow in dns.cpp in InspIRCd 2.0.5 might allow remote attackers to execute arbi...
E S
CVE-2012-1837 The (1) webreports, (2) post/create-role, and (3) post/update-role programs in IBM Tivoli Endpoint M...
CVE-2012-1838 The web management interface on the LG-Nortel ELO GS24M switch allows remote attackers to bypass aut...
CVE-2012-1839 Multiple directory traversal vulnerabilities in the Get Template feature in plugins/gui.ajax/class.A...
S
CVE-2012-1840 AjaXplorer 3.2.x before 3.2.5 and 4.0.x before 4.0.4 does not properly perform cookie authentication...
S
CVE-2012-1841 Absolute path traversal vulnerability in logShow.htm on the Quantum Scalar i500 tape library with fi...
CVE-2012-1842 Cross-site scripting (XSS) vulnerability in checkQKMProg.htm on the Quantum Scalar i500 tape library...
CVE-2012-1843 Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on the Quantum Scalar i500 tape l...
CVE-2012-1844 The Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as...
CVE-2012-1845 Use-after-free vulnerability in Google Chrome 17.0.963.66 and earlier allows remote attackers to byp...
CVE-2012-1846 Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection mecha...
CVE-2012-1847 Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Exc...
CVE-2012-1848 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2012-1849 Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows...
CVE-2012-1850 The Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsof...
CVE-2012-1851 Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Window...
CVE-2012-1852 Heap-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanW...
CVE-2012-1853 Stack-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the Lanman...
CVE-2012-1854 Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and ...
CVE-2012-1855 Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly handle function pointers,...
CVE-2012-1856 The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Of...
KEV S
CVE-2012-1857 Cross-site scripting (XSS) vulnerability in the Enterprise Portal component in Microsoft Dynamics AX...
CVE-2012-1858 The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9, Communicat...
CVE-2012-1859 Cross-site scripting (XSS) vulnerability in scriptresx.ashx in Microsoft SharePoint Server 2010 Gold...
CVE-2012-1860 Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server 2010 Gold and SP1, and Office...
CVE-2012-1861 Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 Gold and SP1, SharePoin...
CVE-2012-1862 Open redirect vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 allows remote att...
CVE-2012-1863 Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 Wind...
CVE-2012-1864 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2012-1865 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2012-1866 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2012-1867 Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windo...
CVE-2012-1868 Race condition in the thread-creation implementation in win32k.sys in the kernel-mode drivers in Mic...
CVE-2012-1869 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-1870 The CBC mode in the TLS protocol, as used in Microsoft Windows XP SP2 and SP3, Windows Server 2003 S...
CVE-2012-1871 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-1872 Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 9 allows remote at...
CVE-2012-1873 Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data, which a...
CVE-2012-1874 Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows user-as...
CVE-2012-1875 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attack...
CVE-2012-1876 Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects i...
CVE-2012-1877 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows rem...
CVE-2012-1878 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows rem...
CVE-2012-1879 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows rem...
CVE-2012-1880 Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows rem...
CVE-2012-1881 Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote ...
CVE-2012-1882 Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which allows r...
CVE-2012-1883 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-1884 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2012-1885 Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Office 2008 ...
CVE-2012-1886 Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel Viewer; and Office Compatibility Pac...
CVE-2012-1887 Use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1, and Office...
CVE-2012-1888 Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 allows remote attackers to exe...
CVE-2012-1889 Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which al...
KEV S
CVE-2012-1890 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2012-1891 Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Da...
CVE-2012-1892 Cross-site scripting (XSS) vulnerability in Microsoft Visual Studio Team Foundation Server 2010 SP1 ...
CVE-2012-1893 win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ...
CVE-2012-1894 Microsoft Office for Mac 2011 uses world-writable permissions for the "Applications/Microsoft Office...
CVE-2012-1895 The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4 do...
CVE-2012-1896 Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during constructi...
CVE-2012-1897 Multiple cross-site request forgery (CSRF) vulnerabilities in Wolf CMS 0.75 and earlier allow remote...
E
CVE-2012-1898 Multiple cross-site scripting (XSS) vulnerabilities in wolfcms/admin/user/add in Wolf CMS 0.75 and e...
E
CVE-2012-1899 Multiple cross-site scripting (XSS) vulnerabilities in webfolio/admin/users/edit in Webfolio CMS 1.1...
E
CVE-2012-1900 Cross-site request forgery (CSRF) vulnerability in admin/index.php in RazorCMS 1.2.1 and earlier all...
E
CVE-2012-1901 Multiple cross-site request forgery (CSRF) vulnerabilities in FlexCMS 3.2.1 and earlier allow remote...
E
CVE-2012-1902 show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist...
S
CVE-2012-1903 XSS in Telligent Community 5.6.583.20496 via a flash file and related to the allowScriptAccess param...
E
CVE-2012-1904 mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and Re...
E
CVE-2012-1906 Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x...
CVE-2012-1907 The scanner engine in PrivaWall Antivirus 5.6 and earlier does not recognize the Office XML (aka Ope...
E
CVE-2012-1908 Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.3 allows remote attackers to inject...
CVE-2012-1909 The Bitcoin protocol, as used in bitcoind before 0.4.4, wxBitcoin, Bitcoin-Qt, and other programs, d...
E S
CVE-2012-1910 Bitcoin-Qt 0.5.0.x before 0.5.0.5; 0.5.1.x, 0.5.2.x, and 0.5.3.x before 0.5.3.1; and 0.6.x before 0....
E S
CVE-2012-1911 Multiple SQL injection vulnerabilities in PHP Address Book 6.2.12 and earlier allow remote attackers...
E
CVE-2012-1912 Cross-site scripting (XSS) vulnerability in preferences.php in PHP Address Book 7.0 and earlier allo...
E
CVE-2012-1913 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-0754. Reason: This candida...
R
CVE-2012-1915 EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS ...
CVE-2012-1916 @Mail WebMail Client in AtMail Open-Source before 1.05 allows remote attackers to execute arbitrary ...
S
CVE-2012-1917 compose.php in @Mail WebMail Client in AtMail Open-Source before 1.05 does not properly handle ../ (...
S
CVE-2012-1918 Multiple directory traversal vulnerabilities in (1) compose.php and (2) libs/Atmail/SendMsg.php in @...
S
CVE-2012-1919 CRLF injection vulnerability in mime.php in @Mail WebMail Client in AtMail Open-Source before 1.05 a...
S
CVE-2012-1920 @Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows remote attackers to obtain config...
CVE-2012-1921 Cross-site request forgery (CSRF) vulnerability in goform/admin/formWlEncrypt in Sitecom WLM-2501 al...
CVE-2012-1922 Multiple cross-site request forgery (CSRF) vulnerabilities in Sitecom WLM-2501 allow remote attacker...
CVE-2012-1923 RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext un...
CVE-2012-1924 Opera before 11.62 allows user-assisted remote attackers to trick users into downloading and executi...
CVE-2012-1925 Opera before 11.62 does not ensure that a dialog window is placed on top of content windows, which m...
CVE-2012-1926 Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the (1) history.push...
CVE-2012-1927 Opera before 11.62 allows remote attackers to spoof the address field by triggering the launch of a ...
CVE-2012-1928 Opera before 11.62 allows remote attackers to spoof the address field by triggering a page reload fo...
CVE-2012-1929 Opera before 11.62 on Mac OS X allows remote attackers to spoof the address field and security dialo...
CVE-2012-1930 Opera before 11.62 on UNIX uses world-readable permissions for temporary files during printing, whic...
CVE-2012-1931 Opera before 11.62 on UNIX, when used in conjunction with an unspecified printing application, allow...
CVE-2012-1932 A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to i...
E
CVE-2012-1933 Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4 before RC4, ...
E
CVE-2012-1934 SQL injection vulnerability in admin/country/edit.php in Newscoop before 3.5.5 and 4.x before 4 RC4 ...
E
CVE-2012-1935 Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4.x before 4 ...
E
CVE-2012-1936 The wp_create_nonce function in wp-includes/pluggable.php in WordPress 3.3.1 and earlier associates ...
E
CVE-2012-1937 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Fire...
CVE-2012-1938 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbi...
E S
CVE-2012-1939 jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird ESR 10.x before 10.0.5 does no...
CVE-2012-1940 Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through ...
CVE-2012-1941 Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Fi...
CVE-2012-1942 The Mozilla Updater and Windows Updater Service in Mozilla Firefox 12.0, Thunderbird 12.0, and SeaMo...
CVE-2012-1943 Untrusted search path vulnerability in Updater.exe in the Windows Updater Service in Mozilla Firefox...
CVE-2012-1944 The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10...
CVE-2012-1945 Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thun...
CVE-2012-1946 Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x t...
CVE-2012-1947 Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, F...
CVE-2012-1948 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Fire...
CVE-2012-1949 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 13.0, Thun...
CVE-2012-1950 The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10....
CVE-2012-1951 Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4....
CVE-2012-1952 The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before...
CVE-2012-1953 The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR ...
CVE-2012-1954 Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x through 13...
CVE-2012-1955 Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thun...
CVE-2012-1956 Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 do not prevent use o...
CVE-2012-1957 An unspecified parser-utility class in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10....
CVE-2012-1958 Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x throu...
CVE-2012-1959 Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thun...
CVE-2012-1960 The qcms_transform_data_rgb_out_lut_sse2 function in the QCMS implementation in Mozilla Firefox 4.x ...
CVE-2012-1961 Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thun...
CVE-2012-1962 Use-after-free vulnerability in the JSDependentString::undepend function in Mozilla Firefox 4.x thro...
CVE-2012-1963 The Content Security Policy (CSP) functionality in Mozilla Firefox 4.x through 13.0, Firefox ESR 10....
CVE-2012-1964 The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml i...
CVE-2012-1965 Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not properly establish the se...
CVE-2012-1966 Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 do not have the same context-men...
CVE-2012-1967 Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thun...
CVE-2012-1968 Bugzilla 4.1.x and 4.2.x before 4.2.2 and 4.3.x before 4.3.2 uses bug-editor privileges instead of b...
S
CVE-2012-1969 The get_attachment_link function in Template.pm in Bugzilla 2.x and 3.x before 3.6.10, 3.7.x and 4.0...
CVE-2012-1970 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox E...
CVE-2012-1971 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Thunderbi...
CVE-2012-1972 Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Fire...
CVE-2012-1973 Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox b...
CVE-2012-1974 Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox befor...
CVE-2012-1975 Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0,...
CVE-2012-1976 Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firef...
CVE-2012-1977 WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which a...
CVE-2012-1978 Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Agenda 2.2.8 and earlier al...
E
CVE-2012-1979 Cross-site scripting (XSS) vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and earlier allows...
E
CVE-2012-1982 Cross-site scripting (XSS) vulnerability in my_admin/admin1_list_pages.php in SocialCMS 1.0.2 and ea...
E
CVE-2012-1984 Multiple cross-site scripting (XSS) vulnerabilities in RealNetworks Helix Server and Helix Mobile Se...
CVE-2012-1985 Cross-site request forgery (CSRF) vulnerability in RealNetworks Helix Server and Helix Mobile Server...
CVE-2012-1986 Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x...
CVE-2012-1987 Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterpri...
CVE-2012-1988 Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x...
CVE-2012-1989 telnet.rb in Puppet 2.7.x before 2.7.13 and Puppet Enterprise (PE) 1.2.x, 2.0.x, and 2.5.x before 2....
CVE-2012-1990 Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Ke...
CVE-2012-1992 Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and earlier...
CVE-2012-1993 Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows local users to mo...
CVE-2012-1994 HP Systems Insight Manager before 7.0 allows a remote user on adjacent network to access information...
CVE-2012-1995 Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows local users to obtai...
CVE-2012-1996 Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to ...
CVE-2012-1997 Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to ...
CVE-2012-1998 Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote attackers to ...
CVE-2012-1999 Unspecified vulnerability in HP Systems Insight Manager (SIM) before 7.0 allows remote authenticated...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.