|
296171
|
- |
|
mozilla
google
|
firefox
chrome
|
The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypte…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4930
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296172
|
- |
|
debian
mozilla
google
|
debian_linux
firefox
chrome
|
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4929
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296173
|
- |
|
oxwall
|
oxwall
|
Cross-site scripting (XSS) vulnerability in ow_updates/index.php in Oxwall 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the plugin parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4928
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296174
|
- |
|
limesurvey
|
limesurvey
|
SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1.91+ Build 120224 and earlier allows remote attackers to execute arbitrary SQL commands via the fieldnames parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2012-4927
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296175
|
- |
|
imgpals
|
img_pals_photo_host
|
approve.php in Img Pals Photo Host 1.0 does not authenticate requests, which allows remote attackers to change the activation of administrators via the u parameter in an (1) app0 (disable) or (2) app…
|
CWE-287
Improper Authentication
|
CVE-2012-4926
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296176
|
- |
|
imgpals
|
img_pals_photo_host
|
Multiple SQL injection vulnerabilities in approve.php in Img Pals Photo Host 1.0 allow remote attackers to execute arbitrary SQL commands via the u parameter in a (1) app0 or (2) app1 action. NOTE: …
|
CWE-89
SQL Injection
|
CVE-2012-4925
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296177
|
- |
|
asus
|
net4switch
ipswcom_activex_component
|
Buffer overflow in the CxDbgPrint function in the ipswcom.dll ActiveX component 1.0.0.1 for ASUS Net4Switch 1.0.0020 allows remote attackers to execute arbitrary code via a long parameter to the Aler…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4924
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296178
|
- |
|
endian
|
firewall
|
Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule para…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4923
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296179
|
- |
|
ibm
|
vios
aix
|
The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via …
|
NVD-CWE-Other
|
CVE-2012-4817
|
2024-11-21 10:43 |
2012-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296180
|
- |
|
bitcoin
|
bitcoin_core
|
Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4682.
|
NVD-CWE-noinfo
|
CVE-2012-4683
|
2024-11-21 10:43 |
2012-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
