|
296591
|
- |
|
sony
|
bravia_tv
|
The Sony Bravia TV KDL-32CX525 allows remote attackers to cause a denial of service (configuration outage or device crash) via a flood of TCP SYN packets, as demonstrated by hping, a related issue to…
|
CWE-399
Resource Management Errors
|
CVE-2012-2210
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296592
|
- |
|
plume-cms
|
plume_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Plume CMS 1.2.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the u_email parameter (aka Authors Email field…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2156
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296593
|
- |
|
cmsmadesimple
|
cms_made_simple
|
Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter (aka the Em…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1992
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296594
|
- |
|
novell
|
zenworks_configuration_management
|
Directory traversal vulnerability in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to read arbitrary files via an opcode 0x21 request.
|
CWE-22
Path Traversal
|
CVE-2012-2215
|
2024-11-21 10:38 |
2012-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296595
|
- |
|
phpmyadmin
|
phpmyadmin
|
show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the i…
|
CWE-200
Information Exposure
|
CVE-2012-1902
|
2024-11-21 10:38 |
2012-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296596
|
7.5 |
HIGH
Network
|
github
|
github
|
GitHub Enterprise before 20120304 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the public_key[user_id] value via a mod…
|
CWE-913
Improper Control of Dynamically-Managed Code Resources
|
CVE-2012-2055
|
2024-11-21 10:38 |
2012-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296597
|
- |
|
redmine
|
redmine
|
Redmine before 1.3.2 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set attributes in the (1) Comment, (2) Document, (3) Iss…
|
CWE-255
Credentials Management
|
CVE-2012-2054
|
2024-11-21 10:38 |
2012-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296598
|
- |
|
f5
|
firepass
|
The sudoers file in the Linux system configuration in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 does not require a password for executing commands as root, which allows local users to gain privileges…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2053
|
2024-11-21 10:38 |
2012-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296599
|
- |
|
socialcms
|
socialcms
|
Cross-site scripting (XSS) vulnerability in my_admin/admin1_list_pages.php in SocialCMS 1.0.2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the TR_title par…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1982
|
2024-11-21 10:38 |
2012-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296600
|
- |
|
privawall
|
privawall_antivirus
|
The scanner engine in PrivaWall Antivirus 5.6 and earlier does not recognize the Office XML (aka Open Document XML) file format, which allows remote attackers to bypass malware detection via a crafte…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1907
|
2024-11-21 10:38 |
2012-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
