|
290681
|
- |
|
puppetlabs
puppet
|
puppet
puppet_enterprise
|
Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user…
|
CWE-200
Information Exposure
|
CVE-2012-3864
|
2024-11-21 10:41 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290682
|
- |
|
bitcoin
|
bitcoin_core
|
Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.7rc3, 0.5.x before 0.5.6rc3, 0.6.0.x before 0.6.0.9rc1, and 0.6.x before 0.6.3rc1 allows remote attackers to cause a denial of service …
|
NVD-CWE-noinfo
|
CVE-2012-3789
|
2024-11-21 10:41 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290683
|
- |
|
sonicwall
|
scrutinizer
|
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows r…
|
CWE-89
SQL Injection
|
CVE-2012-3951
|
2024-11-21 10:41 |
2012-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290684
|
- |
|
sonicwall
|
scrutinizer
|
Multiple cross-site scripting (XSS) vulnerabilities in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allow remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3848
|
2024-11-21 10:41 |
2012-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290685
|
- |
|
airdroid
|
airdroid
|
The login implementation in AirDroid 1.0.4 beta allows remote attackers to bypass a multiple-login protection mechanism by modifying a pass value within JSON data.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3888
|
2024-11-21 10:41 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290686
|
- |
|
airdroid
|
airdroid
|
AirDroid before 1.0.7 beta uses a cleartext base64 format for data transfer that is documented as an "Encrypted Transmission" feature, which allows remote attackers to obtain sensitive information by…
|
CWE-310
Cryptographic Issues
|
CVE-2012-3887
|
2024-11-21 10:41 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290687
|
- |
|
airdroid
|
airdroid
|
AirDroid 1.0.4 beta uses the MD5 algorithm for values in the checklogin key parameter and 7bb cookie, which makes it easier for remote attackers to obtain cleartext data by sniffing the local wireles…
|
CWE-200
Information Exposure
|
CVE-2012-3886
|
2024-11-21 10:41 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290688
|
- |
|
airdroid
|
airdroid
|
The default configuration of AirDroid 1.0.4 beta uses a four-character alphanumeric password, which makes it easier for remote attackers to obtain access via a brute-force attack.
|
CWE-287
Improper Authentication
|
CVE-2012-3885
|
2024-11-21 10:41 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290689
|
- |
|
airdroid
|
airdroid
|
AirDroid 1.0.4 beta implements authentication through direct transmission of a password hash over HTTP, which makes it easier for remote attackers to obtain access by sniffing the local wireless netw…
|
CWE-287
Improper Authentication
|
CVE-2012-3884
|
2024-11-21 10:41 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290690
|
- |
|
apple
|
xcode
|
Apple Xcode before 4.4 does not properly compose a designated requirement (DR) during signing of programs that lack bundle identifiers, which allows remote attackers to read keychain entries via a cr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3698
|
2024-11-21 10:41 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
