|
292151
|
- |
|
realnetworks
|
helix_server
helix_mobile_server
|
Cross-site request forgery (CSRF) vulnerability in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to hijack the authentication of administrators for requ…
|
CWE-352
Origin Validation Error
|
CVE-2012-1985
|
2024-11-21 10:38 |
2012-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292152
|
- |
|
realnetworks
|
helix_server
helix_mobile_server
|
Multiple cross-site scripting (XSS) vulnerabilities in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allow remote attackers to inject arbitrary web script or HTML via unspecifi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1984
|
2024-11-21 10:38 |
2012-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292153
|
- |
|
realnetworks
|
helix_server
helix_mobile_server
|
RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_db\users\, which allows local users to obtain sensitive information by reading a database.
|
CWE-310
Cryptographic Issues
|
CVE-2012-1923
|
2024-11-21 10:38 |
2012-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292154
|
- |
|
cloudera
|
cloudera_manager
cloudera_service_and_configuration_manager
|
Cloudera Manager 3.7.x before 3.7.5 and Service and Configuration Manager 3.5, when Kerberos is not enabled, does not properly install taskcontroller.cfg, which allows remote authenticated users to i…
|
CWE-310
Cryptographic Issues
|
CVE-2012-2230
|
2024-11-21 10:38 |
2012-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292155
|
- |
|
360zip
|
360zip
|
360zip 1.93beta allows remote attackers to execute arbitrary code via vectors related to file browsing and file extraction.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2225
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292156
|
- |
|
xunlei
|
thunder
|
Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a "DLL injection vulnerability."
|
CWE-94
Code Injection
|
CVE-2012-2224
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292157
|
- |
|
novell
|
zenworks_configuration_management
|
The xplat agent in Novell ZENworks Configuration Management (ZCM) 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct c…
|
CWE-200
Information Exposure
|
CVE-2012-2223
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292158
|
- |
|
sony
|
bravia_tv
|
The Sony Bravia TV KDL-32CX525 allows remote attackers to cause a denial of service (configuration outage or device crash) via a flood of TCP SYN packets, as demonstrated by hping, a related issue to…
|
CWE-399
Resource Management Errors
|
CVE-2012-2210
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292159
|
- |
|
plume-cms
|
plume_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Plume CMS 1.2.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the u_email parameter (aka Authors Email field…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2156
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292160
|
- |
|
cmsmadesimple
|
cms_made_simple
|
Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter (aka the Em…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1992
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
