|
296051
|
- |
|
w1.fi
|
hostapd
|
hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2389
|
2024-11-21 10:39 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296052
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
A certain Java applet in the VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR7 on 64-bit Linux platforms does not properly restrict …
|
CWE-20
Improper Input Validation
|
CVE-2012-2496
|
2024-11-21 10:39 |
2012-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296053
|
- |
|
cisco
|
secure_desktop
anyconnect_secure_mobility_client
|
The HostScan downloader implementation in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR8 and Cisco Secure Desktop before 3.6.6020 does not compare the timestamp of offered software to the…
|
CWE-20
Improper Input Validation
|
CVE-2012-2495
|
2024-11-21 10:39 |
2012-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296054
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to t…
|
CWE-20
Improper Input Validation
|
CVE-2012-2494
|
2024-11-21 10:39 |
2012-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296055
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linu…
|
CWE-20
Improper Input Validation
|
CVE-2012-2493
|
2024-11-21 10:39 |
2012-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296056
|
- |
|
checkpoint
|
remote_access_clients
endpoint_security
endpoint_connect
endpoint_security_vpn
|
Untrusted search path vulnerability in TrGUI.exe in the Endpoint Connect (aka EPC) GUI in Check Point Endpoint Security R73.x and E80.x on the VPN blade platform, Endpoint Security VPN R75, Endpoint …
|
NVD-CWE-Other
|
CVE-2012-2753
|
2024-11-21 10:39 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296057
|
- |
|
wap2
|
smallpict
|
Cross-site scripting (XSS) vulnerability in SmallPICT.cgi in SmallPICT before 2.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2638
|
2024-11-21 10:39 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296058
|
- |
|
kent-web
|
web_patio
|
Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO 4.04 and earlier might allow remote attackers to inject arbitrary web script or HTML via a crafted cookie.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2637
|
2024-11-21 10:39 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296059
|
- |
|
kent-web
|
web_patio
|
Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO 4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2636
|
2024-11-21 10:39 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296060
|
- |
|
redhat
|
libvirt
|
libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associate…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2693
|
2024-11-21 10:39 |
2012-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
