|
289921
|
- |
|
openssl
oracle
polarssl
|
openssl
openjdk
polarssl
|
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirem…
|
CWE-310
Cryptographic Issues
|
CVE-2013-0169
|
2024-11-21 10:46 |
2013-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289922
|
- |
|
openssl
redhat
|
openssl
|
OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service …
|
CWE-310
Cryptographic Issues
|
CVE-2013-0166
|
2024-11-21 10:46 |
2013-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289923
|
- |
|
ibm
|
sterling_connect
|
The Session Manager in IBM Sterling Connect:Direct through 4.1.0.3 on UNIX allows remote attackers to cause a denial of service (daemon crash and disk consumption) via crafted data.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-6352
|
2024-11-21 10:46 |
2013-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289924
|
- |
|
ibm
|
cognos_tm1
|
Cross-site scripting (XSS) vulnerability in the Web component in IBM Cognos TM1 before 9.5.2 FP3 and 10.1 before 10.1 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecifie…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6350
|
2024-11-21 10:46 |
2013-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289925
|
- |
|
sysax
|
multi_server
|
Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted reques…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-6530
|
2024-11-21 10:46 |
2013-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289926
|
- |
|
marinet
|
marinet_cms
|
Multiple SQL injection vulnerabilities in Marinet CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) galleryphoto.php or (2) gallery.php; or the roomid parameter…
|
CWE-89
SQL Injection
|
CVE-2012-6529
|
2024-11-21 10:46 |
2013-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289927
|
- |
|
atutor
|
atutor
|
Multiple cross-site scripting (XSS) vulnerabilities in ATutor before 2.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) themes/default/tile_search/index.tmpl.p…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6528
|
2024-11-21 10:46 |
2013-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289928
|
- |
|
joedolson
wordpress
|
my_calendar
wordpress
|
Cross-site scripting (XSS) vulnerability in the My Calendar plugin before 1.10.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
|
CWE-79
Cross-site Scripting
|
CVE-2012-6527
|
2024-11-21 10:46 |
2013-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289929
|
- |
|
vastal
|
freelance_zone
|
SQL injection vulnerability in show_code.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the code_id parameter.
|
CWE-89
SQL Injection
|
CVE-2012-6526
|
2024-11-21 10:46 |
2013-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289930
|
- |
|
phpbridges_dev_team
|
phpbridges
|
SQL injection vulnerability in members.php in PHPBridges allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2012-6525
|
2024-11-21 10:46 |
2013-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
