|
293641
|
- |
|
sensiolabs
|
symfony
|
Symfony 2.0.x before 2.0.20, 2.1.x before 2.1.5, and 2.2-dev, when the internal routes configuration is enabled, allows remote attackers to access arbitrary services via vectors involving a URI begin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6432
|
2024-11-21 10:46 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293642
|
- |
|
sensiolabs
|
symfony
|
Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly e…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6431
|
2024-11-21 10:46 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293643
|
- |
|
citrix
|
xendesktop
|
Citrix XenDesktop Virtual Desktop Agent (VDA) 5.6.x before 5.6.200, when making changes to the server-side policy that control USB redirection, does not propagate changes to the VDA, which allows aut…
|
NVD-CWE-noinfo
|
CVE-2012-6314
|
2024-11-21 10:46 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293644
|
- |
|
carlosgavazzi
|
eos-box_photovoltaic_monitoring_system_firmware
eos-box_photovoltaic_monitoring_system
|
Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 establishes multiple hardcoded accounts, which makes it easier for remote attackers to obtain administrative access by reading a password …
|
CWE-255
Credentials Management
|
CVE-2012-6428
|
2024-11-21 10:46 |
2012-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293645
|
- |
|
carlosgavazzi
|
eos-box_photovoltaic_monitoring_system_firmware
eos-box_photovoltaic_monitoring_system
|
Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a similar issu…
|
CWE-89
SQL Injection
|
CVE-2012-6427
|
2024-11-21 10:46 |
2012-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293646
|
- |
|
vmware
|
vcenter_server_appliance
|
VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2012-6325
|
2024-11-21 10:46 |
2012-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293647
|
- |
|
vmware
|
vcenter_server_appliance
|
Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vector…
|
CWE-22
Path Traversal
|
CVE-2012-6324
|
2024-11-21 10:46 |
2012-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293648
|
- |
|
samsung
meizu
|
galaxy_note_2
mx
galaxy_s2
|
The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which al…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6422
|
2024-11-21 10:46 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293649
|
- |
|
xen
|
xen
|
Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM guest OS administrators to cause a denial of service (physical CPU consumption) via a large input.
|
CWE-399
Resource Management Errors
|
CVE-2012-6333
|
2024-11-21 10:46 |
2012-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293650
|
- |
|
simple_gmail_login
|
1.1.2
1.1.3
|
simple-gmail-login.php in the Simple Gmail Login plugin before 1.1.4 for WordPress allows remote attackers to obtain sensitive information via a request that lacks a timezone, leading to disclosure o…
|
CWE-200
Information Exposure
|
CVE-2012-6313
|
2024-11-21 10:46 |
2012-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
