|
295951
|
- |
|
elinks
|
elinks
|
The http_negotiate_create_context function in protocol/http/http_negotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials thro…
|
CWE-287
Improper Authentication
|
CVE-2012-4545
|
2024-11-21 10:43 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295952
|
- |
|
polycom
|
hdx_system_software
|
Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote att…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4970
|
2024-11-21 10:43 |
2013-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295953
|
- |
|
i-gen
|
oplynx
|
The Central application in i-GEN opLYNX before 2.01.9 allows remote attackers to bypass authentication via vectors involving the disabling of browser JavaScript support.
|
CWE-287
Improper Authentication
|
CVE-2012-4688
|
2024-11-21 10:43 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295954
|
- |
|
simple_invoices
|
simple_invoices
|
Multiple cross-site scripting (XSS) vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via (1) the having parameter in a mana…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4932
|
2024-11-21 10:43 |
2012-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295955
|
- |
|
trustwave
opensuse
fedoraproject
|
modsecurity
opensuse
fedora
|
The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an inv…
|
NVD-CWE-noinfo
|
CVE-2012-4528
|
2024-11-21 10:43 |
2012-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295956
|
- |
|
emc
|
data_protection_advisor
|
Directory traversal vulnerability in the Web UI in EMC Data Protection Advisor (DPA) 5.6 through SP1, 5.7 through SP1, and 5.8 through SP4 allows remote attackers to read arbitrary files via unspecif…
|
CWE-22
Path Traversal
|
CVE-2012-4616
|
2024-11-21 10:43 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295957
|
- |
|
ibm
|
rational_automation_framework
|
IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows remote attackers to bypass intended Env Gen Wizard (aka Environment Generation Wizard) access restrictions by visiting context roots…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4816
|
2024-11-21 10:43 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295958
|
- |
|
siemens
|
ros
rox_i_os
rox_ii_os
ruggedmax_os
|
Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH commun…
|
CWE-200
Information Exposure
|
CVE-2012-4698
|
2024-11-21 10:43 |
2012-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295959
|
- |
|
ibm
|
tivoli_storage_manager_for_space_management
|
Unspecified vulnerability in IBM Tivoli Storage Manager for Space Management (aka TSM HSM) before 6.2.5.0 and 6.3.x before 6.3.1.0 allows local users to read or modify file system objects via unknown…
|
NVD-CWE-noinfo
|
CVE-2012-4859
|
2024-11-21 10:43 |
2012-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295960
|
- |
|
linux
|
linux_kernel
|
The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial…
|
CWE-189
Numeric Errors
|
CVE-2012-4565
|
2024-11-21 10:43 |
2012-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
