|
291751
|
- |
|
mediawiki
|
rssreader
|
Cross-site scripting (XSS) vulnerability in the RSS Reader extension before 0.2.6 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a crafted feed.
|
CWE-79
Cross-site Scripting
|
CVE-2012-6453
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291752
|
- |
|
cerberusftp
|
ftp_server
|
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow (1) remote attackers to inject arbitrary web script or HTML via a l…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6339
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291753
|
- |
|
samsung
|
samsungdive
|
The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a pr…
|
CWE-200
Information Exposure
|
CVE-2012-6337
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291754
|
- |
|
lookout
|
lookout
|
The Missing Device feature in Lookout allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."
|
NVD-CWE-noinfo
|
CVE-2012-6336
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291755
|
- |
|
avg
|
avg_antivirus
|
The Anti-theft service in AVG AntiVirus for Android allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."
|
NVD-CWE-noinfo
|
CVE-2012-6335
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291756
|
- |
|
samsung
|
samsungdive
|
The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices does not properly implement Location APIs, which allows physically proximate attackers to provide arbitr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6334
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291757
|
- |
|
1password
|
1password
|
Cross-site scripting (XSS) vulnerability in the Troubleshooting Reporting System feature in AgileBits 1Password 3.9.9 might allow remote attackers to inject arbitrary web script or HTML via a crafted…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6369
|
2024-11-21 10:46 |
2012-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291758
|
- |
|
sensiolabs
|
symfony
|
Symfony 2.0.x before 2.0.20, 2.1.x before 2.1.5, and 2.2-dev, when the internal routes configuration is enabled, allows remote attackers to access arbitrary services via vectors involving a URI begin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6432
|
2024-11-21 10:46 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291759
|
- |
|
sensiolabs
|
symfony
|
Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly e…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6431
|
2024-11-21 10:46 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291760
|
- |
|
citrix
|
xendesktop
|
Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x before 5.6.200, when making changes to the server-side policy that control USB redirection, does not propagate changes to the VDA, which allows aut…
|
NVD-CWE-noinfo
|
CVE-2012-6314
|
2024-11-21 10:46 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
