|
292911
|
- |
|
mozilla
|
seamonkey
firefox
thunderbird
thunderbird_esr
|
The glBufferData function in the WebGL implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMon…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3105
|
2024-11-21 10:40 |
2012-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292912
|
- |
|
asterisk
sangoma
|
certified_asterisk
open_source
asterisk
|
chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authent…
|
CWE-399
Resource Management Errors
|
CVE-2012-2948
|
2024-11-21 10:40 |
2012-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292913
|
- |
|
debian
digium
|
debian_linux
asterisk
certified_asterisk
|
chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1, when a certain mohinterpret setting…
|
CWE-284
Improper Access Control
|
CVE-2012-2947
|
2024-11-21 10:40 |
2012-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292914
|
- |
|
jaow
|
jaow
|
SQL injection vulnerability in add_ons.php in Jaow 2.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the add_ons parameter.
|
CWE-89
SQL Injection
|
CVE-2012-2952
|
2024-11-21 10:40 |
2012-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292915
|
- |
|
zte
|
score_m
|
The ZTE sync_agent program for Android 2.3.4 on the Score M device uses a hardcoded ztex1609523 password to control access to commands, which allows remote attackers to gain privileges via a crafted …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2949
|
2024-11-21 10:40 |
2012-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292916
|
9.8 |
CRITICAL
Network
|
golang
|
go
|
golang/go in 1.0.2 fixes all.bash on shared machines. dotest() in src/pkg/debug/gosym/pclntab_test.go creates a temporary file with predicable name and executes it as shell script.
|
-
|
CVE-2012-2666
|
2024-11-21 10:39 |
2021-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292917
|
8.8 |
HIGH
Network
|
axous
|
axous
|
Multiple cross-site request forgery (CSRF) and cross-site scripting (XSS) vulnerabilities in Axous 1.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests…
|
CWE-352
Origin Validation Error
|
CVE-2012-2629
|
2024-11-21 10:39 |
2020-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292918
|
6.1 |
MEDIUM
Network
|
prestashop
|
prestashop
|
Cross-site scripting (XSS) vulnerability in PrestaShop before 1.4.9 allows remote attackers to inject arbitrary web script or HTML via the index of the product[] parameter to ajax.php.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2517
|
2024-11-21 10:39 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292919
|
6.1 |
MEDIUM
Network
|
pragmamx
|
pragmamx
|
Multiple cross-site scripting (XSS) vulnerabilities in pragmaMx 1.x before 1.12.2 allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to modules.php or (2) img_ur…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2452
|
2024-11-21 10:39 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292920
|
6.1 |
MEDIUM
Network
|
atmail
|
atmail
|
Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2593
|
2024-11-21 10:39 |
2020-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
