|
290011
|
- |
|
lemonldap-ng
|
lemonldap\
|
LemonLDAP::NG before 1.2.3 does not use the signature-verification capability of the Lasso library, which allows remote attackers to bypass intended access-control restrictions via crafted SAML data.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6426
|
2024-11-21 10:46 |
2013-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290012
|
- |
|
belkin
|
n900_wireless_router
|
The WPA2 implementation on the Belkin N900 F9K1104v1 router establishes a WPS PIN based on 6 digits of the LAN/WLAN MAC address, which makes it easier for remote attackers to obtain access to a Wi-Fi…
|
CWE-310
Cryptographic Issues
|
CVE-2012-6371
|
2024-11-21 10:46 |
2013-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290013
|
- |
|
mediawiki
|
rssreader
|
Cross-site scripting (XSS) vulnerability in the RSS Reader extension before 0.2.6 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via a crafted feed.
|
CWE-79
Cross-site Scripting
|
CVE-2012-6453
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290014
|
- |
|
cerberusftp
|
ftp_server
|
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow (1) remote attackers to inject arbitrary web script or HTML via a l…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6339
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290015
|
- |
|
samsung
|
samsungdive
|
The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a pr…
|
CWE-200
Information Exposure
|
CVE-2012-6337
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290016
|
- |
|
lookout
|
lookout
|
The Missing Device feature in Lookout allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."
|
NVD-CWE-noinfo
|
CVE-2012-6336
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290017
|
- |
|
avg
|
avg_antivirus
|
The Anti-theft service in AVG AntiVirus for Android allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."
|
NVD-CWE-noinfo
|
CVE-2012-6335
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290018
|
- |
|
samsung
|
samsungdive
|
The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices does not properly implement Location APIs, which allows physically proximate attackers to provide arbitr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6334
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290019
|
- |
|
1password
|
1password
|
Cross-site scripting (XSS) vulnerability in the Troubleshooting Reporting System feature in AgileBits 1Password 3.9.9 might allow remote attackers to inject arbitrary web script or HTML via a crafted…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6369
|
2024-11-21 10:46 |
2012-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290020
|
- |
|
sensiolabs
|
symfony
|
Symfony 2.0.x before 2.0.20, 2.1.x before 2.1.5, and 2.2-dev, when the internal routes configuration is enabled, allows remote attackers to access arbitrary services via vectors involving a URI begin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6432
|
2024-11-21 10:46 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
