|
295941
|
- |
|
nullsoft
|
winamp
|
Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary code via the (1) strf chunk in BI_RGB or (2) UYVY video data in an AVI fil…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4045
|
2024-11-21 10:42 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295942
|
- |
|
squashfs_project
|
squashfs
|
Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted block_log field in the superblock…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2012-4025
|
2024-11-21 10:42 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295943
|
- |
|
squashfs_project
|
squashfs
|
Stack-based buffer overflow in the get_component function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file (aka a cr…
|
CWE-787
Out-of-bounds Write
|
CVE-2012-4024
|
2024-11-21 10:42 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295944
|
- |
|
zingiri
|
zingiri_web_shop
|
Multiple unspecified vulnerabilities in the Zingiri Web Shop plugin before 2.4.0 for WordPress have unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-4033
|
2024-11-21 10:42 |
2012-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295945
|
- |
|
websitepanel
|
websitepanel
|
Open redirect vulnerability in the login page in WebsitePanel before 1.2.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in ReturnUrl to De…
|
CWE-20
Improper Input Validation
|
CVE-2012-4032
|
2024-11-21 10:42 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295946
|
- |
|
wangkongbao
|
cns-1100
cns-1000
|
Multiple directory traversal vulnerabilities in src/acloglogin.php in Wangkongbao CNS-1000 and 1100 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) langid coo…
|
CWE-22
Path Traversal
|
CVE-2012-4031
|
2024-11-21 10:42 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295947
|
- |
|
tridium
|
niagara_ax
|
Tridium Niagara AX Framework does not properly store credential data, which allows context-dependent attackers to bypass intended access restrictions by using the stored information for authenticatio…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2012-4028
|
2024-11-21 10:42 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295948
|
- |
|
tridium
|
niagara_ax
|
Directory traversal vulnerability in Tridium Niagara AX Framework allows remote attackers to read files outside of the intended images, nav, and px folders by leveraging incorrect permissions, as dem…
|
CWE-22
Path Traversal
|
CVE-2012-4027
|
2024-11-21 10:42 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295949
|
- |
|
johnsoncontrols
|
pegasys_p2000_server_software
pegasys_p2000_server
|
The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to trigger false alerts via crafted packets to TCP port 41013 (aka the upload port), a different vulnerabil…
|
CWE-20
Improper Input Validation
|
CVE-2012-4026
|
2024-11-21 10:42 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295950
|
- |
|
ckeditor
|
fckeditor
|
Cross-site scripting (XSS) vulnerability in the print_textinputs_var function in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor 2.6.7 and earlier allows remo…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4000
|
2024-11-21 10:42 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
