|
295041
|
- |
|
linux
|
linux_kernel
|
The ip6_frag_queue function in net/ipv6/reassembly.c in the Linux kernel before 2.6.36 allows remote attackers to bypass intended network restrictions via overlapping IPv6 fragments.
|
NVD-CWE-noinfo
|
CVE-2012-4444
|
2024-11-21 10:42 |
2012-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295042
|
- |
|
apache
|
tomcat
|
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mecha…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4431
|
2024-11-21 10:42 |
2012-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295043
|
- |
|
symantec
|
enterprise_security_manager
|
Multiple unquoted Windows search path vulnerabilities in the (1) Manager and (2) Agent components in Symantec Enterprise Security Manager (ESM) before 11.0 allow local users to gain privileges via un…
|
NVD-CWE-Other
|
CVE-2012-4350
|
2024-11-21 10:42 |
2012-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295044
|
- |
|
symantec
|
endpoint_protection
|
The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly v…
|
CWE-20
Improper Input Validation
|
CVE-2012-4348
|
2024-11-21 10:42 |
2012-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295045
|
- |
|
symantec
|
network_access_control
|
Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2 allows local users to gain privileges via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2012-4349
|
2024-11-21 10:42 |
2012-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295046
|
- |
|
symantec
|
messaging_gateway
|
Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1)…
|
CWE-22
Path Traversal
|
CVE-2012-4347
|
2024-11-21 10:42 |
2012-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295047
|
- |
|
david_alkire
|
drag_\&_drop_gallery
|
SQL injection vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-4479
|
2024-11-21 10:42 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295048
|
- |
|
david_alkire
|
drag_\&_drop_gallery
|
Cross-site request forgery (CSRF) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to hijack the authentication of administrators.
|
CWE-352
Origin Validation Error
|
CVE-2012-4478
|
2024-11-21 10:42 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295049
|
- |
|
david_alkire
|
drag_\&_drop_gallery
|
Unspecified vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to bypass access restrictions via unknown attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4477
|
2024-11-21 10:42 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295050
|
- |
|
david_alkire
|
drag_\&_drop_gallery
|
Cross-site scripting (XSS) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4476
|
2024-11-21 10:42 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
