|
290181
|
- |
|
ibm
|
power_5_system_firmware
power_5
|
The Service Processor in the IBM Power 5 91##-### and 940#-### before SF240_418_382 does not ensure that firewall code is executed, which allows remote attackers to execute arbitrary code via unspeci…
|
CWE-255
Credentials Management
|
CVE-2012-4856
|
2024-11-21 10:43 |
2012-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290182
|
- |
|
ibm
|
rational_clearquest
|
The OSLC interface in the Web Client (aka CQ Web) in IBM Rational ClearQuest 7.1.2.x before 7.1.2.9 and 8.0.0.x before 8.0.0.5 allows remote attackers to conduct phishing attacks via a FRAME element.
|
NVD-CWE-noinfo
|
CVE-2012-4839
|
2024-11-21 10:43 |
2012-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290183
|
- |
|
ibm
|
lotus_foundations_start
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Foundations Start before 1.2.2c allow remote authenticated users to inject arbitrary web script or HTML via a Webconfig Users user-att…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4848
|
2024-11-21 10:43 |
2012-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290184
|
- |
|
ibm
|
lotus_notes
|
IBM Lotus Notes 8.5.x before 8.5.3 FP3 does not include the HTTPOnly flag in a Set-Cookie header for a web-application cookie, which makes it easier for remote attackers to obtain potentially sensiti…
|
CWE-200
Information Exposure
|
CVE-2012-4846
|
2024-11-21 10:43 |
2012-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290185
|
- |
|
apache
|
tomcat
|
org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to…
|
CWE-399
Resource Management Errors
|
CVE-2012-4534
|
2024-11-21 10:43 |
2012-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290186
|
- |
|
tropos
|
mesh_os
1310_distrubution_automation_mesh_router
1410_mesh_router
1410_wireless_mesh_router
3310_indoor_mesh_router
3320_indoor_mesh_router
4310_mobile_mesh_router
6310_mesh_rout…
|
Mesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a sufficient source of entropy for SSH keys, which makes it easier for man-in-the-middle attackers to spoof a device or modify a cl…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4898
|
2024-11-21 10:43 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290187
|
- |
|
invensys
siemens
|
wonderware_intouch
processsuite
|
Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by re…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4693
|
2024-11-21 10:43 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290188
|
- |
|
siemens
|
automation_license_manager
|
Memory leak in Siemens Automation License Manager (ALM) 4.x and 5.x before 5.2 allows remote attackers to cause a denial of service (memory consumption) via crafted packets.
|
CWE-399
Resource Management Errors
|
CVE-2012-4691
|
2024-11-21 10:43 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290189
|
- |
|
axway
|
securetransport
|
Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authenticated users to (1) read, (2) delete, or (3) create files, or (4) list directories, via a…
|
CWE-22
Path Traversal
|
CVE-2012-4991
|
2024-11-21 10:43 |
2012-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290190
|
- |
|
layton_technology
|
helpbox
|
Layton Helpbox 4.4.0 allows remote attackers to discover cleartext credentials for the login page by sniffing the network.
|
CWE-310
Cryptographic Issues
|
CVE-2012-4977
|
2024-11-21 10:43 |
2012-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
