|
293341
|
- |
|
lookout
|
lookout
|
The Missing Device feature in Lookout allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."
|
NVD-CWE-noinfo
|
CVE-2012-6336
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293342
|
- |
|
avg
|
avg_antivirus
|
The Anti-theft service in AVG AntiVirus for Android allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."
|
NVD-CWE-noinfo
|
CVE-2012-6335
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293343
|
- |
|
samsung
|
samsungdive
|
The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices does not properly implement Location APIs, which allows physically proximate attackers to provide arbitr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6334
|
2024-11-21 10:46 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293344
|
- |
|
1password
|
1password
|
Cross-site scripting (XSS) vulnerability in the Troubleshooting Reporting System feature in AgileBits 1Password 3.9.9 might allow remote attackers to inject arbitrary web script or HTML via a crafted…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6369
|
2024-11-21 10:46 |
2012-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293345
|
- |
|
sensiolabs
|
symfony
|
Symfony 2.0.x before 2.0.20, 2.1.x before 2.1.5, and 2.2-dev, when the internal routes configuration is enabled, allows remote attackers to access arbitrary services via vectors involving a URI begin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6432
|
2024-11-21 10:46 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293346
|
- |
|
sensiolabs
|
symfony
|
Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly e…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6431
|
2024-11-21 10:46 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293347
|
- |
|
citrix
|
xendesktop
|
Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x before 5.6.200, when making changes to the server-side policy that control USB redirection, does not propagate changes to the VDA, which allows aut…
|
NVD-CWE-noinfo
|
CVE-2012-6314
|
2024-11-21 10:46 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293348
|
- |
|
carlosgavazzi
|
eos-box_photovoltaic_monitoring_system_firmware
eos-box_photovoltaic_monitoring_system
|
Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 establishes multiple hardcoded accounts, which makes it easier for remote attackers to obtain administrative access by reading a password …
|
CWE-255
Credentials Management
|
CVE-2012-6428
|
2024-11-21 10:46 |
2012-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293349
|
- |
|
carlosgavazzi
|
eos-box_photovoltaic_monitoring_system_firmware
eos-box_photovoltaic_monitoring_system
|
Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a similar issu…
|
CWE-89
SQL Injection
|
CVE-2012-6427
|
2024-11-21 10:46 |
2012-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293350
|
- |
|
vmware
|
vcenter_server_appliance
|
VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2012-6325
|
2024-11-21 10:46 |
2012-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
