|
295961
|
- |
|
siemens
|
simatic_pcs7
wincc
|
SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted S…
|
CWE-89
SQL Injection
|
CVE-2012-3032
|
2024-11-21 10:40 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295962
|
- |
|
siemens
|
simatic_pcs7
wincc
|
Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3031
|
2024-11-21 10:40 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295963
|
- |
|
siemens
|
simatic_pcs7
wincc
|
WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote at…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3030
|
2024-11-21 10:40 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295964
|
- |
|
siemens
|
simatic_pcs7
wincc
|
Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication …
|
CWE-352
Origin Validation Error
|
CVE-2012-3028
|
2024-11-21 10:40 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295965
|
- |
|
cososys
|
endpoint_protector_appliace_4
|
The CoSoSys Endpoint Protector 4 appliance establishes an EPProot password based entirely on the appliance serial number, which makes it easier for remote attackers to obtain access via a brute-force…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2994
|
2024-11-21 10:40 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295966
|
5.9 |
MEDIUM
Network
|
microsoft
|
windows_phone_7_firmware
|
Microsoft Windows Phone 7 does not verify the domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL server for the (1) …
|
CWE-295
Improper Certificate Validation
|
CVE-2012-2993
|
2024-11-21 10:40 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295967
|
- |
|
trendmicro
|
interscan_messaging_security_suite
|
Cross-site request forgery (CSRF) vulnerability in saveAccountSubTab.imss in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allows remote attackers to hijack the authentication o…
|
CWE-352
Origin Validation Error
|
CVE-2012-2996
|
2024-11-21 10:40 |
2012-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295968
|
- |
|
trendmicro
|
interscan_messaging_security_suite
|
Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allow remote attackers to inject arbitrary web script or HTML via (1) the wr…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2995
|
2024-11-21 10:40 |
2012-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295969
|
- |
|
cisco
|
unity_connection
|
Cisco Unity Connection (UC) 7.1, 8.0, and 8.5 allows remote authenticated users to cause a denial of service (resource consumption and administration outage) via extended use of the product, aka Bug …
|
NVD-CWE-Other
|
CVE-2012-3096
|
2024-11-21 10:40 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295970
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The VPN downloader in the download_install component in Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495 on Linux accepts arbitrary X.509 server certificates without user interaction, w…
|
CWE-200
Information Exposure
|
CVE-2012-3094
|
2024-11-21 10:40 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
