ID | Summary | Flags | Max Score |
---|---|---|---|
CVE-2012-3000 | Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebG... | | |
CVE-2012-3001 | Mutiny Standard before 4.5-1.12 allows remote attackers to execute arbitrary commands via the networ... | | |
CVE-2012-3002 | The web interface on (1) Foscam and (2) Wansview IP cameras allows remote attackers to bypass authen... | | |
CVE-2012-3003 | Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update... | | |
CVE-2012-3004 | Multiple untrusted search path vulnerabilities in RealFlex RealWin before 2.1.13, FlexView before 3.... | | |
CVE-2012-3005 | Untrusted search path vulnerability in Invensys Wonderware InTouch 2012 and earlier, as used in Wond... | | |
CVE-2012-3006 | The Innominate mGuard Smart HW before HW-101130 and BD before BD-101030, mGuard industrial RS, mGuar... | | |
CVE-2012-3007 | Stack-based buffer overflow in slssvc.exe before 58.x in Invensys Wonderware SuiteLink in the Invens... | | |
CVE-2012-3008 | Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3.20.9 allows remote authenticat... | | |
CVE-2012-3009 | Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows... | | |
CVE-2012-3010 | rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Informatio... | | |
CVE-2012-3011 | Directory traversal vulnerability in the web server in Fultek WinTr Scada 4.0.5 and earlier allows r... | | |
CVE-2012-3012 | The Arbiter Power Sentinel 1133A device with firmware before 11Jun2012 Rev 421 allows remote attacke... | | |
CVE-2012-3013 | WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices have de... | | |
CVE-2012-3014 | The Management Software application in GarrettCom Magnum MNS-6K before 4.4.0, and 14.x before 14.4.0... | | |
CVE-2012-3015 | Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7... | | |
CVE-2012-3016 | Siemens SIMATIC S7-400 PN CPU devices with firmware 6 before 6.0.3 allow remote attackers to cause a... | S | |
CVE-2012-3017 | Siemens SIMATIC S7-400 PN CPU devices with firmware 5.x allow remote attackers to cause a denial of ... | | |
CVE-2012-3018 | The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and ea... | | |
CVE-2012-3020 | The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, and OZW775 with firmware before 4 have ... | | |
CVE-2012-3021 | rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Informatio... | | |
CVE-2012-3022 | The SaveToFile method in a certain ActiveX control in TrendDisplay.dll in Canary Labs TrendLink 9.0.... | | |
CVE-2012-3024 | Tridium Niagara AX Framework through 3.6 uses predictable values for (1) session IDs and (2) keys, w... | S | |
CVE-2012-3025 | The default configuration of Tridium Niagara AX Framework through 3.6 uses a cleartext base64 format... | S | |
CVE-2012-3026 | rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Informatio... | | |
CVE-2012-3027 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
CVE-2012-3028 | Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier... | S | |
CVE-2012-3029 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
CVE-2012-3030 | WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, store... | S | |
CVE-2012-3031 | Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and ear... | S | |
CVE-2012-3032 | SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC... | S | |
CVE-2012-3033 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
CVE-2012-3034 | WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow... | S | |
CVE-2012-3035 | Buffer overflow in Emerson DeltaV 9.3.1 and 10.3 through 11.3.1 allows remote attackers to cause a d... | | |
CVE-2012-3036 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
CVE-2012-3037 | The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROL... | | |
CVE-2012-3039 | Moxa OnCell Gateway G3111, G3151, G3211, and G3251 devices with firmware before 1.4 do not use a suf... | | |
CVE-2012-3040 | Cross-site scripting (XSS) vulnerability in the web server on Siemens SIMATIC S7-1200 PLCs 2.x throu... | | |
CVE-2012-3042 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
CVE-2012-3047 | Cross-site scripting (XSS) vulnerability in the web-wizard setup page on Cisco Scientific Atlanta D2... | | |
CVE-2012-3051 | Cisco NX-OS 5.2 and 6.1 on Nexus 7000 series switches allows remote attackers to cause a denial of s... | | |
CVE-2012-3052 | Untrusted search path vulnerability in Cisco VPN Client 5.0 allows local users to gain privileges vi... | | |
CVE-2012-3053 | Buffer overflow in the Cisco WebEx Advanced Recording Format (ARF) player T27 L through SP11 EP26, T... | | |
CVE-2012-3054 | Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26,... | | |
CVE-2012-3055 | Stack-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26... | | |
CVE-2012-3056 | Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB thr... | | |
CVE-2012-3057 | Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26,... | | |
CVE-2012-3058 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in... | | |
CVE-2012-3060 | Cisco Unity Connection (UC) 8.6, 9.0, and 9.5 allows remote attackers to cause a denial of service (... | | |
CVE-2012-3062 | Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remo... | | |
CVE-2012-3063 | Cisco Application Control Engine (ACE) before A4(2.3) and A5 before A5(1.1), when multicontext mode ... | | |
CVE-2012-3073 | The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manag... | | |
CVE-2012-3074 | An unspecified API on Cisco TelePresence Immersive Endpoint Devices before 1.9.1 allows remote attac... | | |
CVE-2012-3075 | The administrative web interface on Cisco TelePresence Immersive Endpoint Devices before 1.7.4 allow... | | |
CVE-2012-3076 | The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote a... | | |
CVE-2012-3079 | Cisco IOS 12.2 allows remote attackers to cause a denial of service (CPU consumption) by establishin... | | |
CVE-2012-3088 | Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and 3.2.x, does not check whether an... | | |
CVE-2012-3094 | The VPN downloader in the download_install component in Cisco AnyConnect Secure Mobility Client 3.1.... | | |
CVE-2012-3096 | Cisco Unity Connection (UC) 7.1, 8.0, and 8.5 allows remote authenticated users to cause a denial of... | | |
CVE-2012-3104 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2012-3105 | The glBufferData function in the WebGL implementation in Mozilla Firefox 4.x through 12.0, Firefox E... | | |
CVE-2012-3106 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | | |
CVE-2012-3107 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | | |
CVE-2012-3108 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | | |
CVE-2012-3109 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | | |
CVE-2012-3110 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | | |
CVE-2012-3111 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | | |
CVE-2012-3112 | Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect integrity via u... | | |
CVE-2012-3113 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products ... | | |
CVE-2012-3114 | Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P... | | |
CVE-2012-3115 | Unspecified vulnerability in the Oracle MapViewer component in Oracle Fusion Middleware 10.1.3.1, 11... | | |
CVE-2012-3116 | Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P... | | |
CVE-2012-3117 | Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P... | | |
CVE-2012-3118 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | | |
CVE-2012-3119 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products ... | | |
CVE-2012-3120 | Unspecified vulnerability in Oracle Sun Solaris 8 allows remote attackers to affect availability, re... | | |
CVE-2012-3121 | Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows remote attackers to affect availabil... | | |
CVE-2012-3122 | Unspecified vulnerability in Oracle Sun Solaris 8 and 9 allows local users to affect confidentiality... | | |
CVE-2012-3123 | Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality... | | |
CVE-2012-3124 | Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect availability, r... | | |
CVE-2012-3125 | Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows remote attackers to affect avail... | | |
CVE-2012-3126 | Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Products Suite 3.3 allows l... | | |
CVE-2012-3127 | Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect availability, r... | | |
CVE-2012-3128 | Unspecified vulnerability in Oracle SPARC T-Series Servers running System Firmware 8.2.0 and 8.1.4.e... | | |
CVE-2012-3129 | Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality... | | |
CVE-2012-3130 | Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect integrity via u... | | |
CVE-2012-3131 | Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows remote attackers to affect conf... | | |
CVE-2012-3132 | SQL injection vulnerability in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0... | | |
CVE-2012-3133 | Buffer overflow in the DataDirect ODBC driver, as used in Oracle Hyperion Interactive Reporting 11.1... | | |
CVE-2012-3134 | Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, ... | | |
CVE-2012-3135 | Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.3 and bef... | | |
CVE-2012-3136 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update... | | |
CVE-2012-3137 | The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0... | E S | |
CVE-2012-3138 | Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.... | S | |
CVE-2012-3139 | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su... | S | |
CVE-2012-3140 | Unspecified vulnerability in the Oracle Agile PLM For Process component in Oracle Supply Chain Produ... | S | |
CVE-2012-3141 | Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Ser... | S | |
CVE-2012-3142 | Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic... | S | |
CVE-2012-3143 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update... | S | |
CVE-2012-3144 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows re... | S | |
CVE-2012-3145 | Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic... | S | |
CVE-2012-3146 | Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, ... | S | |
CVE-2012-3147 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows re... | S | |
CVE-2012-3148 | Unspecified vulnerability in the Oracle Field Service component in Oracle E-Business Suite 12.1.3 al... | S | |
CVE-2012-3149 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows re... | S | |
CVE-2012-3150 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.... | S | |
CVE-2012-3151 | Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, ... | S | |
CVE-2012-3152 | Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1... | KEV E S | |
CVE-2012-3153 | Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1... | E S | |
CVE-2012-3154 | Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Product... | S | |
CVE-2012-3155 | Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracl... | S | |
CVE-2012-3156 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows re... | S | |
CVE-2012-3157 | Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic... | S | |
CVE-2012-3158 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.... | S | |
CVE-2012-3159 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update... | S | |
CVE-2012-3160 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.... | S | |
CVE-2012-3161 | Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Product... | S | |
CVE-2012-3162 | Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ... | S | |
CVE-2012-3163 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.... | S | |
CVE-2012-3164 | Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12... | S | |
CVE-2012-3165 | Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confid... | S | |
CVE-2012-3166 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.... | S | |
CVE-2012-3167 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.... | S | |
CVE-2012-3168 | Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows re... | | |
CVE-2012-3169 | Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows re... | | |
CVE-2012-3170 | Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows re... | | |
CVE-2012-3171 | Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business... | S | |
CVE-2012-3172 | Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows re... | | |
CVE-2012-3173 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.... | S | |
CVE-2012-3174 | Unspecified vulnerability in Oracle Java 7 before Update 11 allows remote attackers to affect confid... | | |
CVE-2012-3175 | Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion... | S | |
CVE-2012-3176 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | S | |
CVE-2012-3177 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.... | S | |
CVE-2012-3178 | Unspecified vulnerability in the kernel in Oracle Sun Solaris 11 allows local users to affect availa... | | |
CVE-2012-3179 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | S | |
CVE-2012-3180 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.... | S | |
CVE-2012-3181 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | S | |
CVE-2012-3182 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | S | |
CVE-2012-3183 | Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6... | S | |
CVE-2012-3184 | Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6... | S | |
CVE-2012-3185 | Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6... | S | |
CVE-2012-3186 | Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6... | S | |
CVE-2012-3187 | Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, int... | S | |
CVE-2012-3188 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | S | |
CVE-2012-3189 | Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability, r... | S | |
CVE-2012-3190 | Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11... | | |
CVE-2012-3191 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | S | |
CVE-2012-3192 | Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51... | | |
CVE-2012-3193 | Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.3.4.2,... | S | |
CVE-2012-3194 | Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.4.... | S | |
CVE-2012-3195 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | S | |
CVE-2012-3196 | Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10... | S | |
CVE-2012-3197 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.... | S | |
CVE-2012-3198 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | S | |
CVE-2012-3199 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiali... | S | |
CVE-2012-3200 | Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Product... | S | |
CVE-2012-3201 | Unspecified vulnerability in the PeopleSoft Enterprise Campus Solutions component in Oracle PeopleSo... | S | |
CVE-2012-3202 | Multiple unspecified vulnerabilities in the Oracle JRockit component in Oracle Fusion Middleware 28.... | S | |
CVE-2012-3203 | Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability, relate... | S | |
CVE-2012-3204 | Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, int... | S | |
CVE-2012-3205 | Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity via unknow... | S | |
CVE-2012-3206 | Unspecified vulnerability in the Integrated Lights Out Manager CLI in Oracle Sun Products Suite SysF... | S | |
CVE-2012-3207 | Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows local users to affect availabil... | S | |
CVE-2012-3208 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability,... | S | |
CVE-2012-3209 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC, allows local users... | S | |
CVE-2012-3210 | Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability vi... | S | |
CVE-2012-3211 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability ... | S | |
CVE-2012-3212 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC T4 servers, allows ... | S | |
CVE-2012-3213 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug... | | |
CVE-2012-3214 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | S | |
CVE-2012-3215 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC, allows local users... | S | |
CVE-2012-3216 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update... | S | |
CVE-2012-3217 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | S | |
CVE-2012-3218 | Unspecified vulnerability in the Human Resources component in Oracle E-Business Suite 11.5.10.2, 12.... | | |
CVE-2012-3219 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man... | | |
CVE-2012-3220 | Unspecified vulnerability in the Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.... | S | |
CVE-2012-3221 | Unspecified vulnerability in the Oracle VM Virtual Box component in Oracle Virtualization 3.2, 4.0, ... | S | |
CVE-2012-3222 | Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 11.5.10.2,... | S | |
CVE-2012-3223 | Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic... | S | |
CVE-2012-3224 | Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic... | S | |
CVE-2012-3225 | Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic... | S | |
CVE-2012-3226 | Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Ser... | S | |
CVE-2012-3227 | Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Ser... | S | |
CVE-2012-3228 | Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic... | S | |
CVE-2012-3229 | Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 allows rem... | S | |
CVE-2012-3230 | Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 allows rem... | S | |
CVE-2012-3231 | Multiple cross-site request forgery (CSRF) vulnerabilities in web@all 2.0, as downloaded before May ... | E | |
CVE-2012-3232 | Cross-site scripting (XSS) vulnerability in search.php in web@all 2.0, as downloaded before May 30, ... | E | |
CVE-2012-3233 | Cross-site scripting (XSS) vulnerability in __swift/thirdparty/PHPExcel/PHPExcel/Shared/JAMA/docs/do... | E | |
CVE-2012-3234 | RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before... | | |
CVE-2012-3236 | fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer de... | E S | |
CVE-2012-3238 | Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Secur... | E S | |
CVE-2012-3240 | The Walrus service in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 allows remote attackers to gain admini... | | |
CVE-2012-3241 | The VMware Broker in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 does not properly authenticate SOAP req... | | |
CVE-2012-3243 | Cross-site scripting (XSS) vulnerability in the SEOgento plugin for Magento allows remote attackers ... | | |
CVE-2012-3247 | Unspecified vulnerability on the HP Integrity Server BL860c i2, BL870c i2, and BL890c i2 with firmwa... | | |
CVE-2012-3248 | HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remote attackers to obtain sensiti... | | |
CVE-2012-3249 | HP Fortify Software Security Center 3.1, 3.3, 3.4, and 3.5 allows remote authenticated users to obta... | | |
CVE-2012-3250 | Unspecified vulnerability in HP Service Manager Server 7.11, 9.21, and 9.30, and HP Service Center S... | | |
CVE-2012-3251 | Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 7.11, 9.21, and 9.30, and HP... | | |
CVE-2012-3252 | Unspecified vulnerability in HP Serviceguard A.11.19 and A.11.20 allows remote attackers to cause a ... | | |
CVE-2012-3253 | Multiple unspecified vulnerabilities in HP Intelligent Management Center (IMC) before 5.0 E0101P05 a... | | |
CVE-2012-3254 | Multiple unspecified vulnerabilities in HP iNode Management Center before iNode PC 5.1 E0304 allow r... | | |
CVE-2012-3255 | Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote... | | |
CVE-2012-3256 | Cross-site request forgery (CSRF) vulnerability in HP Business Availability Center (BAC) 8.07 allows... | | |
CVE-2012-3257 | HP Business Availability Center (BAC) 8.07 allows remote authenticated users to hijack web sessions ... | | |
CVE-2012-3258 | Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to ... | | |
CVE-2012-3259 | Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attack... | | |
CVE-2012-3260 | Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attack... | | |
CVE-2012-3261 | Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attack... | | |
CVE-2012-3262 | Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attack... | | |
CVE-2012-3263 | Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attack... | | |
CVE-2012-3264 | Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attack... | | |
CVE-2012-3265 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2012-3266 | Unspecified vulnerability in IBRIX 6.1.196 through 6.1.251 on HP IBRIX X9000 Storage allows remote a... | | |
CVE-2012-3267 | Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.20 allows remote attackers to obtain... | | |
CVE-2012-3268 | Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products; c... | | |
CVE-2012-3269 | Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allow... | | |
CVE-2012-3270 | Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allow... | | |
CVE-2012-3271 | Unspecified vulnerability on the HP Integrated Lights-Out 3 (aka iLO3) with firmware before 1.50 and... | S | |
CVE-2012-3272 | Cross-site scripting (XSS) vulnerability on the HP Color LaserJet CM3530 with firmware before 53.190... | | |
CVE-2012-3273 | Multiple unspecified vulnerabilities on the HP LaserJet Pro 400 MFP M425 with firmware 20120625 and ... | | |
CVE-2012-3274 | Stack-based buffer overflow in uam.exe in the User Access Manager (UAM) component in HP Intelligent ... | | |
CVE-2012-3275 | Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.1x and 9.20 allows remote attackers ... | | |
CVE-2012-3276 | HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha p... | S | |
CVE-2012-3277 | HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform and 7.3-2, 8.2, 8.3, and 8.4 on the Alpha p... | | |
CVE-2012-3278 | Stack-based buffer overflow in magentservice.exe in HP Diagnostics Server 8.x through 8.07 and 9.x t... | | |
CVE-2012-3279 | Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9... | | |
CVE-2012-3280 | Multiple unspecified vulnerabilities on HP NonStop Servers H06.x and J06.x allow remote authenticate... | | |
CVE-2012-3281 | Unspecified vulnerability in Device Manager in HP XP P9000 Command View Advanced Edition before 7.4.... | | |
CVE-2012-3282 | Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 a... | | |
CVE-2012-3283 | Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 a... | | |
CVE-2012-3284 | Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 a... | | |
CVE-2012-3285 | Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 a... | | |
CVE-2012-3286 | Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and earlier and ArcSight Logger 5.2... | | |
CVE-2012-3287 | Poul-Henning Kamp md5crypt has insufficient algorithmic complexity and a consequently short runtime,... | | |
CVE-2012-3288 | VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x bef... | | |
CVE-2012-3289 | VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, an... | | |
CVE-2012-3290 | Multiple unspecified vulnerabilities in Google Chrome before 20.0.1132.22 on the Acer AC700; Samsung... | | |
CVE-2012-3291 | Heap-based buffer overflow in OpenConnect 3.18 allows remote servers to cause a denial of service vi... | | |
CVE-2012-3292 | The GridFTP in Globus Toolkit (GT) before 5.2.2, when certain autoconf macros are defined, does not ... | | |
CVE-2012-3293 | Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application ... | | |
CVE-2012-3294 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Web Gateway component in IBM WebSp... | E | |
CVE-2012-3295 | IBM WebSphere MQ 7.1, when an SVRCONN channel is used, allows remote attackers to bypass the securit... | | |
CVE-2012-3296 | Cross-site scripting (XSS) vulnerability in the Help link in the login panel in IBM Power Hardware M... | | |
CVE-2012-3297 | Cross-site scripting (XSS) vulnerability in the embedded HTTP server in the Service Console in IBM T... | S | |
CVE-2012-3298 | Unspecified vulnerability in the REST services framework in IBM WebSphere Commerce 7.0 Feature Pack ... | | |
CVE-2012-3300 | IBM WebSphere Commerce 7.0 before 7.0.0.6, when persistent sessions and personalization IDs are enab... | | |
CVE-2012-3301 | Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotus Domino 8.5.x before 8.5.4 al... | | |
CVE-2012-3302 | Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Domino 7.x and 8.x before 8.5.4 all... | | |
CVE-2012-3304 | The Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before... | | |
CVE-2012-3305 | Directory traversal vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0... | | |
CVE-2012-3306 | IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5,... | | |
CVE-2012-3308 | Cross-site scripting (XSS) vulnerability in IBM Sametime 8.0.2 through 8.5.2.1 allows remote attacke... | S | |
CVE-2012-3309 | Cross-site request forgery (CSRF) vulnerability in the account-creation panel in IBM InfoSphere Guar... | | |
CVE-2012-3310 | IBM Tivoli Federated Identity Manager (TFIM) before 6.1.1.14, 6.2.0 before 6.2.0.12, and 6.2.1 befor... | | |
CVE-2012-3311 | IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5,... | | |
CVE-2012-3312 | The datasource definition editor in IBM InfoSphere Guardium 8.2 and earlier, when the save-password ... | | |
CVE-2012-3313 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in ... | | |
CVE-2012-3314 | IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Identity Manager Business Gateway ... | S | |
CVE-2012-3315 | The Java servlets in the management console in IBM Tivoli Federated Identity Manager (TFIM) through ... | | |
CVE-2012-3316 | Cross-site scripting (XSS) vulnerability in the Tivoli Process Automation Engine (TPAE) in IBM Maxim... | | |
CVE-2012-3317 | IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before 7.0.0.5, and 8.0 before 8.0.0.2 has inc... | | |
CVE-2012-3319 | IBM Rational Business Developer 8.x before 8.0.1.4 allows remote attackers to obtain potentially sen... | | |
CVE-2012-3321 | IBM SmartCloud Control Desk 7.5 allows remote authenticated users to bypass intended access restrict... | | |
CVE-2012-3322 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asse... | | |
CVE-2012-3323 | IBM Maximo Asset Management 6.2 before 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.3 allows rem... | | |
CVE-2012-3324 | Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 ... | | |
CVE-2012-3325 | IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.... | | |
CVE-2012-3326 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud C... | | |
CVE-2012-3327 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asse... | | |
CVE-2012-3328 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1, Maximo Asset Management... | | |
CVE-2012-3329 | IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (B... | | |
CVE-2012-3330 | The proxy server in IBM WebSphere Application Server 7.0 before 7.0.0.27, 8.0 before 8.0.0.5, and 8.... | | |
CVE-2012-3331 | IBM Sametime allows remote attackers to obtain sensitive information from the Sametime Log database ... | M | |
CVE-2012-3333 | CRLF injection vulnerability in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Contro... | | |
CVE-2012-3334 | Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 before 11.50.xC9W2 and 11.70 ... | | |
CVE-2012-3336 | IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to SQL injection. A remote authenticated at... | | |
CVE-2012-3337 | IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to traverse directories on ... | | |
CVE-2012-3338 | IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrict... | | |
CVE-2012-3340 | IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by... | | |
CVE-2012-3341 | IBM InfoSphere Guardium 7.0, 8.0, 8.01, and 8.2 is vulnerable to cross-site scripting, caused by imp... | | |
CVE-2012-3342 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug... | | |
CVE-2012-3343 | Cross-site request forgery (CSRF) vulnerability in Microdasys before 3.5.1-B708, as used in Bloxx We... | | |
CVE-2012-3345 | ioquake3 before r2253 allows local users to overwrite arbitrary files via a symlink attack on the /t... | | |
CVE-2012-3347 | AutoFORM PDM Archive before 7.0 implements user accounts in a way that allows for JMX Console authen... | | |
CVE-2012-3350 | SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitr... | E | |
CVE-2012-3351 | Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 al... | | |
CVE-2012-3353 | The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes... | | |
CVE-2012-3354 | doku.php in DokuWiki, as used in Fedora 16, 17, and 18, when certain PHP error levels are set, allow... | | |
CVE-2012-3355 | (1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in GN... | | |
CVE-2012-3356 | The remote SVN views functionality (lib/vclib/svn/svn_ra.py) in ViewVC before 1.1.15 does not proper... | | |
CVE-2012-3357 | The SVN revision view (lib/vclib/svn/svn_repos.py) in ViewVC before 1.1.15 does not properly handle ... | | |
CVE-2012-3358 | Multiple heap-based buffer overflows in the j2k_read_sot function in j2k.c in OpenJPEG 1.5 allow rem... | | |
CVE-2012-3359 | Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac... | | |
CVE-2012-3360 | Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) an... | E S | |
CVE-2012-3361 | virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) al... | E S | |
CVE-2012-3362 | Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attac... | E | |
CVE-2012-3363 | Zend_XmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before 1.12.0 does not properly handle S... | S | |
CVE-2012-3364 | Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in ... | | |
CVE-2012-3365 | The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir pro... | | |
CVE-2012-3366 | The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the clien... | S | |
CVE-2012-3367 | Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System do not properly check... | E S | |
CVE-2012-3368 | Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive inform... | E S | |
CVE-2012-3369 | The CallerIdentityLoginModule in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platf... | | |
CVE-2012-3370 | The SecurityAssociation.getCredential method in JBoss Enterprise Application Platform (EAP) before 5... | | |
CVE-2012-3371 | The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHos... | E S | |
CVE-2012-3372 | The default configuration of Cyberoam UTM appliances uses the same Certification Authority certifica... | | |
CVE-2012-3373 | Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.21 and 1.5.x before 1.5.8... | | |
CVE-2012-3374 | Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows ... | E S | |
CVE-2012-3375 | The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly hand... | E | |
CVE-2012-3376 | DataNodes in Apache Hadoop 2.0.0 alpha do not check the BlockTokens of clients when Kerberos is en... | | |
CVE-2012-3377 | Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c)... | | |
CVE-2012-3378 | The register_application function in atk-adaptor/bridge.c in GNOME at-spi2-atk 2.5.2 does not seed t... | | |
CVE-2012-3379 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0808. Reason: This candida... | R | |
CVE-2012-3380 | Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Ng... | S | |
CVE-2012-3381 | sfcb in sblim-sfcb places a zero-length directory name in the LD_LIBRARY_PATH, which allows local us... | | |
CVE-2012-3382 | Cross-site scripting (XSS) vulnerability in the ProcessRequest function in mcs/class/System.Web/Syst... | E S | |
CVE-2012-3383 | The map_meta_cap function in wp-includes/capabilities.php in WordPress 3.4.x before 3.4.2, when the ... | | |
CVE-2012-3384 | Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress before 3.4.1 allows r... | | |
CVE-2012-3385 | WordPress before 3.4.1 does not properly restrict access to post contents such as private or draft p... | | |
CVE-2012-3386 | The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writab... | E S | |
CVE-2012-3387 | Moodle 2.3.x before 2.3.1 uses only a client-side check for whether references are permitted in a fi... | | |
CVE-2012-3388 | The is_enrolled function in lib/accesslib.php in Moodle 2.2.x before 2.2.4 and 2.3.x before 2.3.1 do... | | |
CVE-2012-3389 | Multiple cross-site scripting (XSS) vulnerabilities in mod/lti/typessettings.php in Moodle 2.2.x bef... | | |
CVE-2012-3390 | lib/filelib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not properly restrict file ... | S | |
CVE-2012-3391 | mod/forum/rsslib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not properly implement... | | |
CVE-2012-3392 | mod/forum/unsubscribeall.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not consider w... | | |
CVE-2012-3393 | Cross-site scripting (XSS) vulnerability in repository/lib.php in Moodle 2.1.x before 2.1.7 and 2.2.... | | |
CVE-2012-3394 | auth/ldap/ntlmsso_attempt.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4,... | | |
CVE-2012-3395 | SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0.x before 2.0.10, 2.1.x before... | | |
CVE-2012-3396 | Cross-site scripting (XSS) vulnerability in cohort/edit_form.php in Moodle 2.0.x before 2.0.10, 2.1.... | | |
CVE-2012-3397 | lib/modinfolib.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x ... | | |
CVE-2012-3398 | Algorithmic complexity vulnerability in Moodle 1.9.x before 1.9.19, 2.0.x before 2.0.10, 2.1.x befor... | | |
CVE-2012-3399 | Config/diff.php in Basilic 1.5.14 allows remote attackers to execute arbitrary commands via shell me... | E | |
CVE-2012-3400 | Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel... | E | |
CVE-2012-3401 | The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not... | | |
CVE-2012-3402 | Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earli... | | |
CVE-2012-3403 | Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remo... | | |
CVE-2012-3404 | The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other... | E S | |
CVE-2012-3405 | The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other... | | |
CVE-2012-3406 | The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probabl... | | |
CVE-2012-3407 | plow has a local buffer overflow vulnerability... | | |
CVE-2012-3408 | lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, support... | E S | |
CVE-2012-3409 | ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a... | | |
CVE-2012-3410 | Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local us... | S | |
CVE-2012-3411 | Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from pr... | S | |
CVE-2012-3412 | The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers... | E | |
CVE-2012-3413 | The HTMLQuoteColorer::process function in messageviewer/htmlquotecolorer.cpp in KDE PIM 4.6 through ... | | |
CVE-2012-3414 | Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used ... | E | |
CVE-2012-3415 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-2401. Reason: This candida... | R | |
CVE-2012-3416 | Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions ... | | |
CVE-2012-3417 | The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invoke... | | |
CVE-2012-3418 | libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of servi... | | |
CVE-2012-3419 | Performance Co-Pilot (PCP) before 3.6.5 exports some of the /proc file system, which allows attacker... | | |
CVE-2012-3420 | Multiple memory leaks in Performance Co-Pilot (PCP) before 3.6.5 allow remote attackers to cause a d... | | |
CVE-2012-3421 | The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) before 3.6.5 does not properly... | | |
CVE-2012-3422 | The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized... | | |
CVE-2012-3423 | The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL termina... | E S | |
CVE-2012-3424 | The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ru... | | |
CVE-2012-3425 | The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.... | | |
CVE-2012-3426 | OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex,... | E S | |
CVE-2012-3427 | EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permiss... | | |
CVE-2012-3428 | The IronJacamar container before 1.0.12.Final for JBoss Application Server, when allow-multiple-user... | | |
CVE-2012-3429 | The dns_to_ldap_dn_escape function in src/ldap_convert.c in bind-dyndb-ldap 1.1.0rc1 and earlier doe... | E S | |
CVE-2012-3430 | The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a c... | E | |
CVE-2012-3431 | The Teiid Java Database Connectivity (JDBC) socket, as used in JBoss Enterprise Data Services Platfo... | | |
CVE-2012-3432 | The handle_mmio function in arch/x86/hvm/io.c in the MMIO operations emulator for Xen 3.3 and 4.x, w... | E | |
CVE-2012-3433 | Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of service (domain 0 VCPU hang a... | | |
CVE-2012-3434 | Multiple cross-site scripting (XSS) vulnerabilities in userperspan.php in the Count Per Day module b... | E S | |
CVE-2012-3435 | SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix 1.8.15rc1 and earlier, and 2.... | E S | |
CVE-2012-3436 | OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows ... | E | |
CVE-2012-3437 | The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8 and earlier does not use the pro... | | |
CVE-2012-3438 | The Magick_png_malloc function in coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper var... | E S | |
CVE-2012-3439 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5885, CVE-2012-5886, CVE-201... | R | |
CVE-2012-3440 | A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to o... | E | |
CVE-2012-3441 | The database creation script (module/idoutils/db/scripts/create_mysqldb.sh) in Icinga 1.7.1 grants a... | | |
CVE-2012-3442 | The (1) django.http.HttpResponseRedirect and (2) django.http.HttpResponsePermanentRedirect classes i... | S | |
CVE-2012-3443 | The django.forms.ImageField class in the form system in Django before 1.3.2 and 1.4.x before 1.4.1 c... | S | |
CVE-2012-3444 | The get_image_dimensions function in the image-handling functionality in Django before 1.3.2 and 1.4... | S | |
CVE-2012-3445 | The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API c... | | |
CVE-2012-3446 | Apache Libcloud before 0.11.1 uses an incorrect regular expression during verification of whether th... | E | |
CVE-2012-3447 | virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and Folsom before Folsom-3 all... | E S | |
CVE-2012-3448 | Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary P... | E S | |
CVE-2012-3449 | Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/inc... | | |
CVE-2012-3450 | pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly... | | |
CVE-2012-3451 | Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execu... | S | |
CVE-2012-3452 | gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when multiple screens are used, only lo... | | |
CVE-2012-3453 | logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows l... | | |
CVE-2012-3454 | eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/extplorer/ftp_tmp directory, whic... | | |
CVE-2012-3455 | Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in th... | | |
CVE-2012-3456 | Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in th... | E | |
CVE-2012-3457 | PNP4Nagios 0.6 through 0.6.16 uses world-readable permissions for process_perfdata.cfg, which allows... | | |
CVE-2012-3458 | Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which mig... | | |
CVE-2012-3459 | Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows... | | |
CVE-2012-3460 | cumin: At installation postgresql database user created without password... | | |
CVE-2012-3461 | The (1) otrl_base64_otr_decode function in src/b64.c; (2) otrl_proto_data_read_flags and (3) otrl_pr... | | |
CVE-2012-3462 | A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HB... | E S | |
CVE-2012-3463 | Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in... | S | |
CVE-2012-3464 | Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_... | | |
CVE-2012-3465 | Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in... | | |
CVE-2012-3466 | GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set to "idle" or "timeout," does n... | E S | |
CVE-2012-3467 | Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shad... | | |
CVE-2012-3468 | Multiple SQL injection vulnerabilities in the Ushahidi Platform before 2.5 allow remote attackers to... | E S | |
CVE-2012-3469 | Multiple SQL injection vulnerabilities in the Ushahidi Platform before 2.5 allow remote attackers to... | E S | |
CVE-2012-3470 | Multiple SQL injection vulnerabilities in application/libraries/api/MY_Countries_Api_Object.php in t... | E S | |
CVE-2012-3471 | Multiple SQL injection vulnerabilities in the edit functions in (1) application/controllers/admin/re... | E S | |
CVE-2012-3472 | The email API in application/libraries/api/MY_Email_Api_Object.php in the Ushahidi Platform before 2... | E S | |
CVE-2012-3473 | The (1) reports API and (2) administration feature in the comments API in the Ushahidi Platform befo... | E S | |
CVE-2012-3474 | The comments API in application/libraries/api/MY_Comments_Api_Object.php in the Ushahidi Platform be... | E S | |
CVE-2012-3475 | The installer in the Ushahidi Platform before 2.5 omits certain calls to the exit function, which al... | S | |
CVE-2012-3476 | Multiple cross-site scripting (XSS) vulnerabilities in (1) application/views/admin/layout.php and (2... | E S | |
CVE-2012-3477 | SQL injection vulnerability in signup_check.php in NeoInvoice allows remote attackers to execute arb... | E | |
CVE-2012-3478 | rssh 2.3.3 and earlier allows local users to bypass intended restricted shell access via crafted env... | | |
CVE-2012-3479 | lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variabl... | S | |
CVE-2012-3480 | Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspe... | | |
CVE-2012-3481 | Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image forma... | | |
CVE-2012-3482 | Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM ser... | S | |
CVE-2012-3483 | Race condition in the runScript function in Tunnelblick 3.3beta20 and earlier allows local users to ... | | |
CVE-2012-3484 | Tunnelblick 3.3beta20 and earlier relies on a test for specific ownership and permissions to determi... | | |
CVE-2012-3485 | Tunnelblick 3.3beta20 and earlier relies on argv[0] to determine the name of an appropriate (1) kern... | E | |
CVE-2012-3486 | Tunnelblick 3.3beta20 and earlier allows local users to gain privileges via an OpenVPN configuration... | | |
CVE-2012-3487 | Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes ... | | |
CVE-2012-3488 | The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9... | | |
CVE-2012-3489 | The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before ... | S | |
CVE-2012-3490 | The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) syst... | | |
CVE-2012-3491 | src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not proper... | | |
CVE-2012-3492 | The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x... | | |
CVE-2012-3493 | The command_give_request_ad function in condor_startd.V6/command.cpp in Condor 7.6.x before 7.6.10 and ... | | |
CVE-2012-3494 | The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenSer... | S | |
CVE-2012-3495 | The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 an... | | |
CVE-2012-3496 | XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when trans... | S | |
CVE-2012-3497 | (1) TMEMC_SAVE_GET_CLIENT_WEIGHT, (2) TMEMC_SAVE_GET_CLIENT_CAP, (3) TMEMC_SAVE_GET_CLIENT_FLAGS and... | | |
CVE-2012-3498 | PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest ... | | |
CVE-2012-3499 | Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-de... | | |
CVE-2012-3500 | scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows lo... | S | |
CVE-2012-3501 | The squidclamav_check_preview_handler function in squidclamav.c in SquidClamav 5.x before 5.8 and 6.... | E S | |
CVE-2012-3502 | The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c ... | | |
CVE-2012-3503 | The installation script in Katello 1.0 and earlier does not properly generate the Application.config... | S | |
CVE-2012-3504 | The nssconfigFound function in genkey.pl in crypto-utils 2.4.1-34 allows local users to overwrite ar... | E | |
CVE-2012-3505 | Tinyproxy 1.8.3 and earlier allows remote attackers to cause a denial of service (CPU and memory con... | | |
CVE-2012-3506 | Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.0... | S | |
CVE-2012-3507 | Cross-site scripting (XSS) vulnerability in program/steps/mail/func.inc in RoundCube Webmail before ... | E | |
CVE-2012-3508 | Cross-site scripting (XSS) vulnerability in program/lib/washtml.php in Roundcube Webmail 0.8.0 allow... | S | |
CVE-2012-3509 | Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc ... | S | |
CVE-2012-3510 | Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel be... | E | |
CVE-2012-3511 | Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3... | E S | |
CVE-2012-3512 | Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory a... | E | |
CVE-2012-3513 | munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote atta... | E | |
CVE-2012-3514 | OCaml Xml-Light Library before r234 computes hash values without restricting the ability to trigger ... | | |
CVE-2012-3515 | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a vir... | M | |
CVE-2012-3516 | The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServ... | S | |
CVE-2012-3517 | Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a... | S | |
CVE-2012-3518 | The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not p... | | |
CVE-2012-3519 | routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration dependi... | | |
CVE-2012-3520 | The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that ... | E | |
CVE-2012-3521 | Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 a... | E S | |
CVE-2012-3522 | Cross-site scripting (XSS) vulnerability in contrib/langwiz.php in GeSHi before 1.0.8.11 allows remo... | E S | |
CVE-2012-3523 | The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, w... | | |
CVE-2012-3524 | libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly ot... | E S | |
CVE-2012-3525 | s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server ... | E S | |
CVE-2012-3526 | The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote... | | |
CVE-2012-3527 | view_help.php in the backend help system in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x... | | |
CVE-2012-3528 | Multiple cross-site scripting (XSS) vulnerabilities in the backend in TYPO3 4.5.x before 4.5.19, 4.6... | | |
CVE-2012-3529 | The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x ... | | |
CVE-2012-3530 | Incomplete blacklist vulnerability in the t3lib_div::quoteJSvalue API function in TYPO3 4.5.x before... | | |
CVE-2012-3531 | Cross-site scripting (XSS) vulnerability in the Install Tool in TYPO3 4.5.x before 4.5.19, 4.6.x bef... | | |
CVE-2012-3532 | Cross-site request forgery (CSRF) vulnerability in the GateIn Portal component in JBoss Enterprise P... | | |
CVE-2012-3533 | The Python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 do not check the server SSL cer... | | |
CVE-2012-3534 | GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows ... | | |
CVE-2012-3535 | Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial o... | E | |
CVE-2012-3536 | Two XSS vulnerabilities were fixed in message list and view in the Hupa Webmail application from the... | | |
CVE-2012-3537 | The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barcl... | E S | |
CVE-2012-3538 | Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which ... | | |
CVE-2012-3539 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4681. Reason: This candidate... | R | |
CVE-2012-3540 | Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) a... | E S | |
CVE-2012-3541 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2012-3542 | OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex (2012.1), allo... | S | |
CVE-2012-3543 | mono 2.10.x ASP.NET Web Form Hash collision DoS... | E S | |
CVE-2012-3544 | Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in c... | S | |
CVE-2012-3545 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
CVE-2012-3546 | org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, w... | S | |
CVE-2012-3547 | Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when u... | | |
CVE-2012-3548 | The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8... | E S | |
CVE-2012-3549 | The SCTP implementation in FreeBSD 8.2 allows remote attackers to cause a denial of service (NULL po... | E | |
CVE-2012-3550 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-3467. Reason: This candida... | R | |
CVE-2012-3551 | Cross-site scripting (XSS) vulnerability in crowbar_framework/app/views/support/index.html.haml in t... | E S | |
CVE-2012-3552 | Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers ... | S | |
CVE-2012-3553 | chan_skinny.c in the Skinny (aka SCCP) channel driver in Asterisk Open Source 10.x before 10.5.1 all... | | |
CVE-2012-3554 | SQL injection vulnerability in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.... | | |
CVE-2012-3555 | Opera before 11.65 does not ensure that keyboard sequences are associated with a visible window, whi... | | |
CVE-2012-3556 | Opera before 11.65 does not properly restrict the opening of a pop-up window in response to the firs... | | |
CVE-2012-3557 | Opera before 11.65 does not properly restrict the reading of JSON strings, which allows remote attac... | | |
CVE-2012-3558 | Opera before 11.65 does not ensure that the address field corresponds to the displayed web page duri... | | |
CVE-2012-3559 | Unspecified vulnerability in Opera before 12.00 on Mac OS X has unknown impact and attack vectors, r... | | |
CVE-2012-3560 | Opera before 11.65 does not ensure that the address field corresponds to the displayed web page duri... | | |
CVE-2012-3561 | Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers ... | | |
CVE-2012-3562 | Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (applicat... | | |
CVE-2012-3563 | Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via... | | |
CVE-2012-3564 | Opera before 12.00 Beta allows remote attackers to cause a denial of service (application hang) via ... | | |
CVE-2012-3565 | Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via... | | |
CVE-2012-3566 | Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (applicat... | | |
CVE-2012-3567 | Opera before 12.00 Beta allows remote attackers to cause a denial of service (memory consumption or ... | | |
CVE-2012-3568 | Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via... | | |
CVE-2012-3569 | Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x bef... | S | |
CVE-2012-3570 | Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attack... | | |
CVE-2012-3571 | ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial... | | |
CVE-2012-3572 | Open Source Competency Center (OSCC) MyMeeting 3.0.1 and earlier, and MyMesyuarat 09b-1, does not pr... | | |
CVE-2012-3573 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
CVE-2012-3574 | Unrestricted file upload vulnerability in includes/doajaxfileupload.php in the MM Forms Community pl... | E | |
CVE-2012-3575 | Unrestricted file upload vulnerability in uploader.php in the RBX Gallery plugin 2.1 for WordPress a... | E | |
CVE-2012-3576 | Unrestricted file upload vulnerability in php/upload.php in the wpStoreCart plugin before 2.5.30 for... | E | |
CVE-2012-3577 | Unrestricted file upload vulnerability in doupload.php in the Nmedia Member Conversation plugin befo... | E | |
CVE-2012-3578 | Unrestricted file upload vulnerability in html/Upload.php in the FCChat Widget plugin 2.2.13.1 and e... | E | |
CVE-2012-3579 | Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, whic... | | |
CVE-2012-3580 | Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web app... | | |
CVE-2012-3581 | Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive... | | |
CVE-2012-3582 | Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly manage sessions that include ... | | |
CVE-2012-3583 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2012-3585 | Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in ... | | |
CVE-2012-3587 | APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyring... | | |
CVE-2012-3588 | Directory traversal vulnerability in preview.php in the Plugin Newsletter plugin 1.5 for WordPress a... | E | |
CVE-2012-3589 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3590 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3591 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3592 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3593 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3594 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3595 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3596 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3597 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3598 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3599 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3600 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3601 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3602 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3603 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3604 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3605 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3606 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3607 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3608 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3609 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3610 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3611 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3612 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3613 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3614 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3615 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3616 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3617 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3618 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3619 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3620 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3621 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3622 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3623 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3624 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3625 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3626 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3627 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3628 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3629 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3630 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3631 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3632 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3633 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3634 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3635 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3636 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3637 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3638 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3639 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3640 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3641 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3642 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3643 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3644 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3645 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3646 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3647 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3648 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3649 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3650 | WebKit in Apple Safari before 6.0 accesses uninitialized memory locations during the rendering of SV... | | |
CVE-2012-3651 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3652 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3653 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3654 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3655 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3656 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3657 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3658 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3659 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3660 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3661 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3662 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3663 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3664 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3665 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3666 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3667 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3668 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3669 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3670 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3671 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3672 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3673 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3674 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3675 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3676 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3677 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3678 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3679 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3680 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3681 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3682 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3683 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3684 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3685 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3686 | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cau... | | |
CVE-2012-3687 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3688 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3689 | WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-a... | | |
CVE-2012-3690 | WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-a... | | |
CVE-2012-3691 | WebKit in Apple Safari before 6.0 does not properly handle Cascading Style Sheets (CSS) property val... | | |
CVE-2012-3692 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3693 | Incomplete blacklist vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to s... | | |
CVE-2012-3694 | WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-a... | | |
CVE-2012-3695 | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 6.0 allows remote attacker... | | |
CVE-2012-3696 | CRLF injection vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to inject ... | | |
CVE-2012-3697 | WebKit in Apple Safari before 6.0 does not properly handle file: URLs, which allows remote attackers... | | |
CVE-2012-3698 | Apple Xcode before 4.4 does not properly compose a designated requirement (DR) during signing of pro... | | |
CVE-2012-3699 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3700 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3701 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3702 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3703 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3704 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3705 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3706 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3707 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3708 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3709 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3710 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3711 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3712 | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or ca... | | |
CVE-2012-3713 | Apple Safari before 6.0.1 does not properly handle the Quarantine attribute of HTML documents, which... | | |
CVE-2012-3714 | The Form Autofill feature in Apple Safari before 6.0.1 does not restrict the filled fields to the se... | | |
CVE-2012-3715 | Apple Safari before 6.0.1 makes http requests for https URIs in certain circumstances involving a pa... | | |
CVE-2012-3716 | CoreText in Apple Mac OS X 10.7.x before 10.7.5 allows remote attackers to execute arbitrary code or... | | |
CVE-2012-3717 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3718 | Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered i... | | |
CVE-2012-3719 | Mail in Apple Mac OS X before 10.7.5 does not properly handle embedded web plugins, which allows rem... | | |
CVE-2012-3720 | Mobile Accounts in Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 saves password hashes for e... | | |
CVE-2012-3721 | Profile Manager in Apple Mac OS X before 10.7.5 does not properly perform authentication for the Dev... | | |
CVE-2012-3722 | The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, a... | | |
CVE-2012-3723 | Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts field of a USB hub descriptor, w... | | |
CVE-2012-3724 | CFNetwork in Apple iOS before 6 does not properly identify the host portion of a URL, which allows r... | | |
CVE-2012-3725 | The DNAv4 protocol implementation in the DHCP component in Apple iOS before 6 sends Wi-Fi packets co... | | |
CVE-2012-3726 | Double free vulnerability in ImageIO in Apple iOS before 6 allows remote attackers to execute arbitr... | | |
CVE-2012-3727 | Buffer overflow in the IPsec component in Apple iOS before 6 allows remote attackers to execute arbi... | | |
CVE-2012-3728 | The kernel in Apple iOS before 6 dereferences invalid pointers during the handling of packet-filter ... | | |
CVE-2012-3729 | The Berkeley Packet Filter (BPF) interpreter implementation in the kernel in Apple iOS before 6 acce... | | |
CVE-2012-3730 | Mail in Apple iOS before 6 does not properly handle reuse of Content-ID header values, which allows ... | | |
CVE-2012-3731 | Mail in Apple iOS before 6 does not properly implement the Data Protection feature for e-mail attach... | | |
CVE-2012-3732 | Mail in Apple iOS before 6 uses an S/MIME message's From address as the displayed sender address, wh... | | |
CVE-2012-3733 | Messages in Apple iOS before 6, when multiple iMessage e-mail addresses are configured, does not ens... | | |
CVE-2012-3734 | Office Viewer in Apple iOS before 6 writes cleartext document data to a temporary file, which might ... | | |
CVE-2012-3735 | The Passcode Lock implementation in Apple iOS before 6 does not properly interact with the "Slide to... | | |
CVE-2012-3736 | The Passcode Lock implementation in Apple iOS before 6 allows physically proximate attackers to bypa... | | |
CVE-2012-3737 | The Passcode Lock implementation in Apple iOS before 6 does not properly restrict photo viewing, whi... | | |
CVE-2012-3738 | The Emergency Dialer screen in the Passcode Lock implementation in Apple iOS before 6 does not prope... | | |
CVE-2012-3739 | The Passcode Lock implementation in Apple iOS before 6 allows physically proximate attackers to bypa... | | |
CVE-2012-3740 | The Passcode Lock implementation in Apple iOS before 6 does not properly manage the lock state, whic... | | |
CVE-2012-3741 | The Restrictions (aka Parental Controls) implementation in Apple iOS before 6 does not properly hand... | | |
CVE-2012-3742 | Safari in Apple iOS before 6 does not properly restrict use of an unspecified Unicode character that... | | |
CVE-2012-3743 | The System Logs implementation in Apple iOS before 6 does not restrict /var/log access by sandboxed ... | | |
CVE-2012-3744 | Telephony in Apple iOS before 6 uses an SMS message's return address as the displayed sender address... | | |
CVE-2012-3745 | Off-by-one error in Telephony in Apple iOS before 6 allows remote attackers to cause a denial of ser... | | |
CVE-2012-3746 | UIWebView in UIKit in Apple iOS before 6 does not properly use the Data Protection feature, which al... | | |
CVE-2012-3747 | WebKit, as used in Apple iOS before 6, allows remote attackers to execute arbitrary code or cause a ... | | |
CVE-2012-3748 | Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers t... | | |
CVE-2012-3749 | The extensions APIs in the kernel in Apple iOS before 6.0.1 provide kernel addresses in responses th... | | |
CVE-2012-3750 | The Passcode Lock implementation in Apple iOS before 6.0.1 does not properly manage the lock state, ... | | |
CVE-2012-3751 | Use-after-free vulnerability in the plugin in Apple QuickTime before 7.7.3 allows remote attackers t... | | |
CVE-2012-3752 | Multiple buffer overflows in Apple QuickTime before 7.7.3 allow remote attackers to execute arbitrar... | | |
CVE-2012-3753 | Buffer overflow in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arb... | | |
CVE-2012-3754 | Use-after-free vulnerability in the Clear method in the ActiveX control in Apple QuickTime before 7.... | | |
CVE-2012-3755 | Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or... | | |
CVE-2012-3756 | Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or... | | |
CVE-2012-3757 | Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of ... | | |
CVE-2012-3758 | Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or... | | |
CVE-2012-3759 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3760 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3761 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3762 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3763 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3764 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3765 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3766 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3767 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3768 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3769 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3770 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3771 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3772 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3773 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3774 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3775 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3776 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3777 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3778 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3779 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3780 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3781 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3782 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3783 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3784 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3785 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3786 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3787 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3788 | Rejected reason: This candidate is unused by its CNA.... | R | |
CVE-2012-3789 | Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.7rc3, 0.5.x before 0.5.6rc3, 0.6.0.x... | | |
CVE-2012-3790 | Cross-site scripting (XSS) vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x ... | E S | |
CVE-2012-3791 | Multiple SQL injection vulnerabilities in Simple Web Content Management System 1.1 allow remote atta... | E | |
CVE-2012-3792 | Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 an... | E | |
CVE-2012-3793 | Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-S... | E | |
CVE-2012-3794 | Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 an... | E | |
CVE-2012-3795 | Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 an... | E | |
CVE-2012-3796 | Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 an... | E | |
CVE-2012-3797 | Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 an... | | |
CVE-2012-3798 | The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creating a local user account, allow... | S | |
CVE-2012-3799 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Maestro module 7.x-1.x before 7.x-... | E S | |
CVE-2012-3800 | Cross-site scripting (XSS) vulnerability in og.js in the Organic Groups (OG) module 6.x-2.x before 6... | E S | |
CVE-2012-3801 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-2704. Reason: This candida... | R | |
CVE-2012-3802 | Unspecified vulnerability in the Post Affiliate Pro (PAP) module for Drupal allows remote authentica... | S | |
CVE-2012-3805 | Multiple cross-site scripting (XSS) vulnerabilities in the getAllPassedParams function in system/fun... | E | |
CVE-2012-3806 | Samsung Kies before 2.5.0.12094_27_11 contains a NULL pointer dereference vulnerability which could ... | | |
CVE-2012-3807 | Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution.... | | |
CVE-2012-3808 | Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification.... | | |
CVE-2012-3809 | Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification.... | | |
CVE-2012-3810 | Samsung Kies before 2.5.0.12094_27_11 has registry modification.... | | |
CVE-2012-3811 | Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP ... | | |
CVE-2012-3812 | Double free vulnerability in apps/app_voicemail.c in Asterisk Open Source 1.8.x before 1.8.13.1 and ... | | |
CVE-2012-3814 | Unrestricted file upload vulnerability in font-upload.php in the Font Uploader plugin 1.2.4 for Word... | E | |
CVE-2012-3815 | Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCA... | E | |
CVE-2012-3816 | WinRadius Server 2009 allows remote attackers to cause a denial of service (crash) via a long passwo... | E | |
CVE-2012-3817 | ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P... | | |
CVE-2012-3818 | The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password... | | |
CVE-2012-3819 | Stack consumption vulnerability in dartwebserver.dll 1.9 and earlier, as used in Dart PowerTCP WebSe... | E | |
CVE-2012-3820 | Multiple SQL injection vulnerabilities in Campaign11.exe in Arial Software Campaign Enterprise befor... | E | |
CVE-2012-3821 | A Security Bypass vulnerability exists in the activate.asp page in Arial Software Campaign Enterpris... | E | |
CVE-2012-3822 | Arial Campaign Enterprise before 11.0.551 has unauthorized access to the User-Edit.asp page, which a... | E | |
CVE-2012-3823 | Arial Campaign Enterprise before 11.0.551 stores passwords in clear text and these may be retrieved.... | E | |
CVE-2012-3824 | In Arial Campaign Enterprise before 11.0.551, multiple pages are accessible without authentication o... | E | |
CVE-2012-3825 | Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote atta... | | |
CVE-2012-3826 | Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote att... | | |
CVE-2012-3828 | Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remote attackers to inject arbitrar... | | |
CVE-2012-3829 | Joomla! 2.5.3 allows remote attackers to obtain the installation path via the Host HTTP Header.... | E | |
CVE-2012-3830 | Cross-site scripting (XSS) vulnerability in decoda/templates/video.php in Decoda before 3.3.3 allows... | E S | |
CVE-2012-3831 | Cross-site scripting (XSS) vulnerability in decoda/templates/video.php in Decoda before 3.3.1 allows... | E S | |
CVE-2012-3832 | Cross-site scripting (XSS) vulnerability in decoda/Decoda.php in Decoda before 3.2 allows remote att... | E S | |
CVE-2012-3833 | Cross-site scripting (XSS) vulnerability in the default index page in admin/ in Quick.CMS 4.0 allows... | E | |
CVE-2012-3834 | SQL injection vulnerability in forensics/base_qry_main.php in AlienVault Open Source Security Inform... | E | |
CVE-2012-3835 | Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information M... | E | |
CVE-2012-3836 | Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko before 1.2.0 allow remote attacker... | E | |
CVE-2012-3837 | Multiple cross-site scripting (XSS) vulnerabilities in apps/users/registration.template.php in Baby ... | E | |
CVE-2012-3838 | Gekko before 1.2.0 allows remote attackers to obtain the installation path via a direct request to (... | E | |
CVE-2012-3839 | Multiple SQL injection vulnerabilities in application/core/MY_Model.php in MyClientBase 0.12 allow r... | E | |
CVE-2012-3840 | Multiple cross-site scripting (XSS) vulnerabilities in index.php/users/form/user_id in MyClientBase ... | E | |
CVE-2012-3841 | Untrusted search path vulnerability in KMPlayer 3.2.0.19 allows local users to execute arbitrary cod... | E | |
CVE-2012-3842 | Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403... | E | |
CVE-2012-3843 | Cross-site scripting (XSS) vulnerability in the registration page in e107, probably 1.0.1, allows re... | | |
CVE-2012-3844 | Cross-site scripting (XSS) vulnerability in vBulletin 4.1.12 allows remote attackers to inject arbit... | | |
CVE-2012-3845 | Buffer overflow in LAN Messenger 1.2.28 and earlier allows remote attackers to cause a denial of ser... | E | |
CVE-2012-3846 | Cross-site scripting (XSS) vulnerability in index.php in PHP-pastebin 2.1 allows remote attackers to... | | |
CVE-2012-3847 | slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 and Wonderware Application Serv... | | |
CVE-2012-3848 | Multiple cross-site scripting (XSS) vulnerabilities in the web console in Plixer Scrutinizer (aka De... | E | |
CVE-2012-3859 | Unspecified vulnerability in the WebAdmin Portal in Netsweeper has unknown impact and attack vectors... | | |
CVE-2012-3863 | channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Asterisk B... | S | |
CVE-2012-3864 | Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote auth... | E S | |
CVE-2012-3865 | Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x b... | E S | |
CVE-2012-3866 | lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 ... | E S | |
CVE-2012-3867 | lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet ... | E S | |
CVE-2012-3868 | Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote... | | |
CVE-2012-3869 | Cross-site scripting (XSS) vulnerability in include/classes/class.rex_list.inc.php in REDAXO 4.3.x a... | E | |
CVE-2012-3870 | Multiple cross-site scripting (XSS) vulnerabilities in objects/createobject.php in Open Constructor ... | | |
CVE-2012-3871 | Cross-site scripting (XSS) vulnerability in data/hybrid/i_hybrid.php in Open Constructor 3.12.0 allo... | E | |
CVE-2012-3872 | Multiple cross-site scripting (XSS) vulnerabilities in Open Constructor 3.12.0 allow remote attacker... | E | |
CVE-2012-3873 | Multiple SQL injection vulnerabilities in Open Constructor 3.12.0 allow remote authenticated users t... | E | |
CVE-2012-3878 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
CVE-2012-3881 | Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 allow remote attackers to execute... | | |
CVE-2012-3884 | AirDroid 1.0.4 beta implements authentication through direct transmission of a password hash over HT... | E | |
CVE-2012-3885 | The default configuration of AirDroid 1.0.4 beta uses a four-character alphanumeric password, which ... | E | |
CVE-2012-3886 | AirDroid 1.0.4 beta uses the MD5 algorithm for values in the checklogin key parameter and 7bb cookie... | E | |
CVE-2012-3887 | AirDroid before 1.0.7 beta uses a cleartext base64 format for data transfer that is documented as an... | E | |
CVE-2012-3888 | The login implementation in AirDroid 1.0.4 beta allows remote attackers to bypass a multiple-login p... | E | |
CVE-2012-3889 | The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory... | S | |
CVE-2012-3890 | The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap m... | S | |
CVE-2012-3893 | The FlexVPN implementation in Cisco IOS 15.2 and 15.3 allows remote authenticated users to cause a d... | | |
CVE-2012-3895 | Cisco IOS 15.0 through 15.3 allows remote authenticated users to cause a denial of service (device c... | | |
CVE-2012-3899 | sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, whic... | | |
CVE-2012-3901 | The updateTime function in sensorApp on Cisco IPS 4200 series sensors 7.0 and 7.1 allows remote atta... | | |
CVE-2012-3908 | Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (... | | |
CVE-2012-3913 | The Cisco VC220 and VC240 cameras allow remote attackers to cause a denial of service (WebUI outage)... | | |
CVE-2012-3915 | The DMVPN tunnel implementation in Cisco IOS 15.2 allows remote attackers to cause a denial of servi... | | |
CVE-2012-3918 | Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/... | | |
CVE-2012-3919 | The Cisco Application Control Engine (ACE) module 3.0 for Cisco Catalyst switches and Cisco routers ... | | |
CVE-2012-3923 | The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does no... | | |
CVE-2012-3924 | The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle... | | |
CVE-2012-3935 | Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber... | | |
CVE-2012-3936 | Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 bef... | | |
CVE-2012-3937 | Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 bef... | | |
CVE-2012-3938 | Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 bef... | | |
CVE-2012-3939 | Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 bef... | S | |
CVE-2012-3940 | Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 bef... | S | |
CVE-2012-3941 | Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 ... | S | |
CVE-2012-3946 | Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunis... | | |
CVE-2012-3949 | The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5,... | | |
CVE-2012-3950 | The Intrusion Prevention System (IPS) feature in Cisco IOS 12.3 through 12.4 and 15.0 through 15.2, ... | | |
CVE-2012-3951 | The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier h... | E | |
CVE-2012-3952 | Cross-site scripting (XSS) vulnerability in admin/index.php in phpList before 2.10.19 allows remote ... | E | |
CVE-2012-3953 | SQL injection vulnerability in admin/index.php in phpList before 2.10.19 allows remote administrator... | E S | |
CVE-2012-3954 | Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allo... | | |
CVE-2012-3955 | ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial... | | |
CVE-2012-3956 | Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox ... | | |
CVE-2012-3957 | Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.... | | |
CVE-2012-3958 | Use-after-free vulnerability in the nsHTMLEditRules::DeleteNonTableElements function in Mozilla Fire... | | |
CVE-2012-3959 | Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox bef... | | |
CVE-2012-3960 | Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefo... | | |
CVE-2012-3961 | Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox... | E | |
CVE-2012-3962 | Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ES... | | |
CVE-2012-3963 | Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 1... | | |
CVE-2012-3964 | Use-after-free vulnerability in the gfxTextRun::GetUserData function in Mozilla Firefox before 15.0,... | | |
CVE-2012-3965 | Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which al... | | |
CVE-2012-3966 | Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ES... | | |
CVE-2012-3967 | The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird... | E S | |
CVE-2012-3968 | Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR... | | |
CVE-2012-3969 | Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Fi... | | |
CVE-2012-3970 | Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, F... | | |
CVE-2012-3971 | Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbir... | | |
CVE-2012-3972 | The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox E... | | |
CVE-2012-3973 | The debugger in the developer-tools subsystem in Mozilla Firefox before 15.0, when remote debugging ... | | |
CVE-2012-3974 | Untrusted search path vulnerability in the installer in Mozilla Firefox before 15.0, Firefox ESR 10.... | | |
CVE-2012-3975 | The DOMParser component in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey befor... | | |
CVE-2012-3976 | Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not proper... | | |
CVE-2012-3977 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4930. Reason: This candida... | R | |
CVE-2012-3978 | The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Th... | | |
CVE-2012-3979 | Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __andr... | | |
CVE-2012-3980 | The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 1... | | |
CVE-2012-3981 | Auth/Verify/LDAP.pm in Bugzilla 2.x and 3.x before 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1.x and 4... | S | |
CVE-2012-3982 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox E... | | |
CVE-2012-3983 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Thunderbi... | | |
CVE-2012-3984 | Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly hand... | | |
CVE-2012-3985 | Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly impl... | | |
CVE-2012-3986 | Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ES... | | |
CVE-2012-3987 | Mozilla Firefox before 16.0 on Android assigns chrome privileges to Reader Mode pages, which allows ... | | |
CVE-2012-3988 | Use-after-free vulnerability in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunder... | | |
CVE-2012-3989 | Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly perf... | | |
CVE-2012-3990 | Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0,... | | |
CVE-2012-3991 | Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ES... | | |
CVE-2012-3992 | Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ES... | | |
CVE-2012-3993 | The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x befo... | | |
CVE-2012-3994 | Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ES... | | |
CVE-2012-3995 | The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, T... | | |
CVE-2012-3996 | TikiWiki CMS/Groupware 8.3 and earlier allows remote attackers to obtain the installation path via a... | E S | |
CVE-2012-3997 | Multiple cross-site scripting (XSS) vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remo... | E S | |
CVE-2012-3998 | Multiple SQL injection vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remote attackers ... | E S | |
CVE-2012-3999 | Cross-site scripting (XSS) vulnerability in admin/login.php in Sticky Notes 0.3.09062012.4 and earli... | | |