|
297561
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file.
|
CWE-94
Code Injection
|
CVE-2012-0922
|
2024-11-21 10:35 |
2012-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297562
|
- |
|
php
|
php
|
The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handl…
|
CWE-399
Resource Management Errors
|
CVE-2012-0830
|
2024-11-21 10:35 |
2012-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297563
|
- |
|
todd_miller
|
sudo
|
Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2012-0809
|
2024-11-21 10:35 |
2012-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297564
|
- |
|
samba
|
samba
|
Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests.
|
CWE-200
Information Exposure
|
CVE-2012-0817
|
2024-11-21 10:35 |
2012-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297565
|
- |
|
wordpress
|
wordpress
|
Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier allow remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2012-0782
|
2024-11-21 10:35 |
2012-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297566
|
- |
|
acidcat
|
acidcat_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Acidcat CMS 3.5.1, 3.5.2, 3.5.6, and possibly earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) adm…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0933
|
2024-11-21 10:35 |
2012-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297567
|
- |
|
leadcapturepagesystem
|
lead_capture_page_system
|
Cross-site scripting (XSS) vulnerability in admin/login.php in Lead Capture Page System allows remote attackers to inject arbitrary web script or HTML via the message parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-0932
|
2024-11-21 10:35 |
2012-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297568
|
9.8 |
CRITICAL
Network
|
schneider-electric
|
modicon_quantum_plc
|
Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary cod…
|
CWE-287
Improper Authentication
|
CVE-2012-0931
|
2024-11-21 10:35 |
2012-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297569
|
6.1 |
MEDIUM
Network
|
schneider-electric
|
modicon_quantum_plc
|
Cross-site scripting (XSS) vulnerability in Schneider Electric Modicon Quantum PLC allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-0930
|
2024-11-21 10:35 |
2012-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297570
|
7.5 |
HIGH
Network
|
schneider-electric
|
modicon_quantum_plc
|
Multiple buffer overflows in Schneider Electric Modicon Quantum PLC allow remote attackers to cause a denial of service via malformed requests to the (1) FTP server or (2) HTTP server.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0929
|
2024-11-21 10:35 |
2012-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
