|
290371
|
- |
|
apache
|
tomcat
|
The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka clien…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5885
|
2024-11-21 10:45 |
2012-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290372
|
- |
|
uk-cookie_project
|
uk-cookie
|
Cross-site scripting (XSS) vulnerability in the Uk Cookie (aka uk-cookie) plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5856
|
2024-11-21 10:45 |
2012-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290373
|
- |
|
mozilla
|
bugzilla
|
The User.get method in Bugzilla/WebService/User.pm in Bugzilla 4.3.2 allows remote attackers to obtain sensitive information about the saved searches of arbitrary users via an XMLRPC request or a JSO…
|
CWE-200
Information Exposure
|
CVE-2012-5884
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290374
|
- |
|
mozilla
yahoo
|
bugzilla
yui
|
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.9.0, as used in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x an…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5883
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290375
|
- |
|
yahoo
|
yui
|
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to uploade…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5882
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290376
|
- |
|
yahoo
|
yui
|
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to charts.…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5881
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290377
|
- |
|
phome
|
empirecms
|
Eval injection vulnerability in the ReplaceListVars function in the template parser in e/class/connect.php in EmpireCMS 6.6 allows user-assisted remote attackers to execute arbitrary PHP code via a c…
|
CWE-94
Code Injection
|
CVE-2012-5777
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290378
|
- |
|
google
apple
|
chrome
webkit
safari
|
html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remo…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5851
|
2024-11-21 10:45 |
2012-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290379
|
- |
|
oberthur
|
id-one_cosmo
|
Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 smart cards makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the generation of non-compli…
|
NVD-CWE-noinfo
|
CVE-2012-5860
|
2024-11-21 10:45 |
2012-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290380
|
- |
|
adobe
|
flash_player
air
air_sdk
|
Unspecified vulnerability in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 o…
|
NVD-CWE-noinfo
|
CVE-2012-5673
|
2024-11-21 10:45 |
2012-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
