|
288711
|
- |
|
opera
|
opera_browser
|
Opera before 12.10 does not properly implement the Cross-Origin Resource Sharing (CORS) specification, which allows remote attackers to bypass intended page-content restrictions via a crafted request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6462
|
2024-11-21 10:46 |
2013-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288712
|
- |
|
opera
|
opera_browser
|
The X.509 certificate-validation functionality in the https implementation in Opera before 12.10 allows remote attackers to trigger a false indication of successful revocation-status checking by caus…
|
CWE-20
Improper Input Validation
|
CVE-2012-6461
|
2024-11-21 10:46 |
2013-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288713
|
- |
|
opera
|
opera_browser
|
Opera before 11.67 and 12.x before 12.02 allows remote attackers to cause truncation of a dialog, and possibly trigger downloading and execution of arbitrary programs, via a crafted web site.
|
NVD-CWE-Other
|
CVE-2012-6460
|
2024-11-21 10:46 |
2013-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288714
|
- |
|
intel
|
connman
|
ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obtain sensitive information via Bluetooth packets.
|
CWE-200
Information Exposure
|
CVE-2012-6459
|
2024-11-21 10:46 |
2013-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288715
|
- |
|
lemonldap-ng
|
lemonldap\
|
LemonLDAP::NG before 1.2.3 does not use the signature-verification capability of the Lasso library, which allows remote attackers to bypass intended access-control restrictions via crafted SAML data.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6426
|
2024-11-21 10:46 |
2013-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288716
|
- |
|
belkin
|
n900_wireless_router
|
The WPA2 implementation on the Belkin N900 F9K1104v1 router establishes a WPS PIN based on 6 digits of the LAN/WLAN MAC address, which makes it easier for remote attackers to obtain access to a Wi-Fi…
|
CWE-310
Cryptographic Issues
|
CVE-2012-6371
|
2024-11-21 10:46 |
2013-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288717
|
- |
|
mediawiki
|
rssreader
|
Cross-site scripting (XSS) vulnerability in the RSS Reader extension before 0.2.6 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a crafted feed.
|
CWE-79
Cross-site Scripting
|
CVE-2012-6453
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288718
|
- |
|
cerberusftp
|
ftp_server
|
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow (1) remote attackers to inject arbitrary web script or HTML via a l…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6339
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288719
|
- |
|
samsung
|
samsungdive
|
The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a pr…
|
CWE-200
Information Exposure
|
CVE-2012-6337
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288720
|
- |
|
lookout
|
lookout
|
The Missing Device feature in Lookout allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."
|
NVD-CWE-noinfo
|
CVE-2012-6336
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
