|
293981
|
- |
|
rockwellautomation
|
plc-5_controller
ab_micrologix_controller
slc_500_controller
|
Rockwell Automation Allen-Bradley MicroLogix controller 1100, 1200, 1400, and 1500; SLC 500 controller platform; and PLC-5 controller platform, when Static status is not enabled, allow remote attacke…
|
CWE-16
Configuration
|
CVE-2012-4690
|
2024-11-21 10:43 |
2012-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293982
|
- |
|
postoaktraffic
|
awam_bluetooth_reader
|
Post Oak AWAM Bluetooth Reader Traffic System does not use a sufficient source of entropy for private keys, which makes it easier for man-in-the-middle attackers to spoof a device by predicting a key…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4687
|
2024-11-21 10:43 |
2012-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293983
|
- |
|
vmware
|
springsource_spring_security
|
DaoAuthenticationProvider in VMware SpringSource Spring Security before 2.0.8, 3.0.x before 3.0.8, and 3.1.x before 3.1.3 does not check the password if the user is not found, which makes the respons…
|
CWE-200
Information Exposure
|
CVE-2012-5055
|
2024-11-21 10:43 |
2012-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293984
|
- |
|
forescout
|
counteract
|
The Forescout CounterACT NAC device 6.3.4.1 does not block ARP and ICMP traffic from unrecognized clients, which allows remote attackers to conduct ARP poisoning attacks via crafted packets.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4985
|
2024-11-21 10:43 |
2012-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293985
|
- |
|
forescout
|
counteract
|
Multiple cross-site scripting (XSS) vulnerabilities on the Forescout CounterACT NAC device before 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the a parameter to assets/l…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4983
|
2024-11-21 10:43 |
2012-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293986
|
- |
|
forescout
|
counteract
|
Open redirect vulnerability in assets/login on the Forescout CounterACT NAC device before 7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL i…
|
CWE-20
Improper Input Validation
|
CVE-2012-4982
|
2024-11-21 10:43 |
2012-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293987
|
- |
|
ibm
|
rational_developer_for_system_z
|
The Host Connect emulator in IBM Rational Developer for System z 7.1 through 8.5.1 does not properly store the SSL certificate password, which allows local users to obtain sensitive information via u…
|
CWE-255
Credentials Management
|
CVE-2012-4862
|
2024-11-21 10:43 |
2012-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293988
|
- |
|
emc
|
rsa_netwitness_informer
|
The web interface in EMC RSA NetWitness Informer before 2.0.5.6 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2012-4609
|
2024-11-21 10:43 |
2012-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293989
|
- |
|
emc
|
rsa_netwitness_informer
|
Cross-site request forgery (CSRF) vulnerability in the web interface in EMC RSA NetWitness Informer before 2.0.5.6 allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2012-4608
|
2024-11-21 10:43 |
2012-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293990
|
- |
|
python
|
keyring
|
Python Keyring 0.9.1 does not securely initialize the cipher when encrypting passwords for CryptedFileKeyring files, which makes it easier for local users to obtain passwords via a brute-force attack.
|
CWE-310
Cryptographic Issues
|
CVE-2012-4571
|
2024-11-21 10:43 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
