|
291281
|
- |
|
sophos
|
safeguard_enterprise
|
The Device Encryption Client component in Sophos SafeGuard Enterprise 6.0, when a volume-based encryption policy is enabled in conjunction with a user-defined key, does not properly block use of exFA…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4736
|
2024-11-21 10:43 |
2012-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291282
|
- |
|
vbulletin
|
vbulletin
|
SQL injection vulnerability in announcement.php in vBulletin 4.1.10 allows remote attackers to execute arbitrary SQL commands via the announcementid parameter.
|
CWE-89
SQL Injection
|
CVE-2012-4686
|
2024-11-21 10:43 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291283
|
- |
|
arbornetworks
|
peakflow_sp
|
Cross-site scripting (XSS) vulnerability in Arbor Networks Peakflow SP 5.1.1 before patch 6, 5.5 before patch 4, and 5.6.0 before patch 1 allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4685
|
2024-11-21 10:43 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291284
|
- |
|
ioserver
|
ioserver
|
Directory traversal vulnerability in the XML Server in IOServer before 1.0.19.0, when the Root Directory pathname lacks a trailing \ (backslash) character, allows remote attackers to read arbitrary f…
|
CWE-22
Path Traversal
|
CVE-2012-4680
|
2024-11-21 10:43 |
2012-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291285
|
- |
|
sourcefabric
|
newscoop
|
Cross-site scripting (XSS) vulnerability in admin/login.php in Newscoop before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the f_user_name parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4679
|
2024-11-21 10:43 |
2012-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291286
|
- |
|
munin-monitoring
|
munin
|
munin-cgi-graph for Munin 2.0 rc4 does not delete temporary files, which allows remote attackers to cause a denial of service (disk consumption) via many requests to an image with unique parameters.
|
CWE-399
Resource Management Errors
|
CVE-2012-4678
|
2024-11-21 10:43 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291287
|
- |
|
google
|
tunnelblick
|
Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by using a crafted Info.plist file to control the gOkIfNotSecure value.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4677
|
2024-11-21 10:43 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291288
|
- |
|
google
|
tunnelblick
|
The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability tha…
|
CWE-59
Link Following
|
CVE-2012-4676
|
2024-11-21 10:43 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291289
|
- |
|
pluxml
|
pluxml
|
Cross-site scripting (XSS) vulnerability in PluXml 5.1.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to file update.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4675
|
2024-11-21 10:43 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291290
|
- |
|
pluxml
|
pluxml
|
PluXml before 5.1.6 allows remote attackers to obtain the installation path via the PHPSESSID.
|
CWE-200
Information Exposure
|
CVE-2012-4674
|
2024-11-21 10:43 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
