|
295331
|
- |
|
yahoo
|
yui
|
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to charts.…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5881
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295332
|
- |
|
phome
|
empirecms
|
Eval injection vulnerability in the ReplaceListVars function in the template parser in e/class/connect.php in EmpireCMS 6.6 allows user-assisted remote attackers to execute arbitrary PHP code via a c…
|
CWE-94
Code Injection
|
CVE-2012-5777
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295333
|
- |
|
google
apple
|
chrome
webkit
safari
|
html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remo…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5851
|
2024-11-21 10:45 |
2012-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295334
|
- |
|
oberthur
|
id-one_cosmo
|
Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 smart cards makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the generation of non-compli…
|
NVD-CWE-noinfo
|
CVE-2012-5860
|
2024-11-21 10:45 |
2012-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295335
|
- |
|
adobe
|
flash_player
air
air_sdk
|
Unspecified vulnerability in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 o…
|
NVD-CWE-noinfo
|
CVE-2012-5673
|
2024-11-21 10:45 |
2012-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295336
|
- |
|
joomla
|
joomla\!
|
Joomla! 2.5.x before 2.5.8 and 3.0.x before 3.0.2 allows remote attackers to conduct clickjacking attacks via unspecified vectors involving "Inadequate protection."
|
NVD-CWE-noinfo
|
CVE-2012-5827
|
2024-11-21 10:45 |
2012-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295337
|
- |
|
tweepy
|
tweepy
|
Tweepy does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to s…
|
CWE-20
Improper Input Validation
|
CVE-2012-5825
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295338
|
- |
|
cerulean_studios
|
trillian
|
Trillian 5.1.0.19 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle att…
|
CWE-295
Improper Certificate Validation
|
CVE-2012-5824
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295339
|
- |
|
opensourceclassifieds
|
opensourceclassifieds
|
Open Source Classifieds does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-midd…
|
CWE-20
Improper Input Validation
|
CVE-2012-5823
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295340
|
7.4 |
HIGH
Network
|
mozilla
|
zamboni
|
The contribution feature in Zamboni does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man…
|
CWE-295
Improper Certificate Validation
|
CVE-2012-5822
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
