CVEs from 2012
Total
5,235
critical
critical 963
high
high 747
medium
medium 2,885
low
low 530
% Critical
18.4%
% with KEV
0.4%
% with exploit
0.5%
Top vendors
Top products
- chrome 7,005
- safari 6,451
- itunes 4,416
- firefox 4,272
- seamonkey 3,619
- opera_browser 3,599
- mysql 2,827
- thunderbird 2,165
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2012-5316 | low | — | 3.5 | 14y ago | Multiple cross-site scripting (XSS) vulnerabilities in Barracuda Spam & Virus Firewall 600 Firmware 4.0.1.009 and earlier allow remote authenticated users to inject arbitrary web script or HTML via (… | |
| CVE-2012-1624 | low | — | 3.5 | 14y ago | Multiple cross-site scripting (XSS) vulnerabilities in the Lingotek module 6.x-1.x before 6.x-1.40 for Drupal allow remote authenticated users to inject arbitrary web script or HTML when (1) creating… | |
| CVE-2012-4065 | low | — | 3.5 | 14y ago | Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to bypass unspecified authorization checks and obtain di… | |
| CVE-2012-1639 | low | — | 3.5 | 14y ago | Multiple cross-site scripting (XSS) vulnerabilities in product/commerce_product.module in the Drupal Commerce module for Drupal before 7.x-1.2 allow remote authenticated users to inject arbitrary web… | |
| CVE-2012-1588 | low | — | 3.5 | 14y ago | Algorithmic complexity vulnerability in the _filter_url function in the text filtering system (modules/filter/filter.module) in Drupal 7.x before 7.14 allows remote authenticated users with certain r… | |
| CVE-2012-1628 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in the SuperCron module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |
| CVE-2012-1627 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in vud_term.module in the Vote Up/Down module 6.x-2.x before 6.x-2.8 and 6.x-3.x before 6.x-3.1 for Drupal allows remote authenticated users to inject arbitra… | |
| CVE-2012-1653 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in the Taxonomy Views Integrator (TVI) module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via u… | |
| CVE-2012-1651 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in the Submenu Tree module before 6.x-1.5 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |
| CVE-2012-3924 | low | — | 3.5 | 14y ago | The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of … | |
| CVE-2012-3923 | low | — | 3.5 | 14y ago | The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to c… | |
| CVE-2012-4422 | low | — | 3.5 | 14y ago | wp-admin/plugins.php in WordPress before 3.4.2, when the multisite feature is enabled, does not check for network-administrator privileges before performing a network-wide activation of an installed … | |
| CVE-2012-0746 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, a… | |
| CVE-2012-3529 | low | — | 3.5 | 14y ago | Typo3 Backend Configuration XSS Vulnerability | |
| CVE-2012-3528 | low | — | 3.5 | 14y ago | Typo3 Backend XSS Vulnerability | |
| CVE-2012-2065 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in the Language Icons module 6.x-2.x before 6.x-2.1 and 7.x-1.x before 7.x-1.0 for Drupal allows remote authenticated users with administer languages permissi… | |
| CVE-2012-1613 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in edit_one_pic.php in Coppermine Photo Gallery before 1.5.20 allows remote authenticated users with certain privileges to inject arbitrary web script or HTML… | |
| CVE-2012-1606 | low | — | 3.5 | 14y ago | Typo3 Backend XSS Vulnerabilities | |
| CVE-2012-0713 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the XML feature in IBM DB2 9.7 before FP6 on Linux, UNIX, and Windows allows remote authenticated users to read arbitrary XML files via unknown vectors. | |
| CVE-2012-4587 | low | — | 3.5 | 14y ago | McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it easi… | |
| CVE-2012-4586 | low | — | 3.5 | 14y ago | McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows… | |
| CVE-2012-4584 | low | — | 3.5 | 14y ago | McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, does not properly encrypt system-backup data, which makes it easi… | |
| CVE-2012-4579 | low | — | 3.5 | 14y ago | phpMyAdmin Multiple XSS Vulnerabilities | |
| CVE-2012-4345 | low | — | 3.5 | 14y ago | phpMyAdmin Multiple Cross-site Scripting Vulnerabilities in the Database Structure page | |
| CVE-2012-2985 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in InsertDocument.aspx in CuteSoft Cute Editor 6.4 allows remote authenticated users to inject arbitrary web script or HTML via the _UploadID parameter. | |
| CVE-2012-2205 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to inject arbitrary web script or HTML via a workspac… | |
| CVE-2012-2169 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in the file-upload functionality in the Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 allows remote authenticated users to inject arbitrary web s… | |
| CVE-2012-2165 | low | — | 3.5 | 14y ago | IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3, when ClearQuest Authentication is enabled, allows remote authenticated users to read password hashes via a user query. | |
| CVE-2012-2206 | low | — | 3.5 | 14y ago | The Web Gateway component in IBM WebSphere MQ File Transfer Edition 7.0.4 and earlier allows remote authenticated users to read files of arbitrary users via vectors involving a username in a URI, as … | |
| CVE-2012-2102 | low | — | 3.5 | 14y ago | MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT. | |
| CVE-2012-2141 | low | — | 3.5 | 14y ago | Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and… | |
| CVE-2012-4270 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in eFront 3.6.11 allows remote authenticated users to inject arbitrary web script or HTML via the subject box of a message. | |
| CVE-2012-3476 | low | — | 3.5 | 14y ago | Multiple cross-site scripting (XSS) vulnerabilities in (1) application/views/admin/layout.php and (2) themes/default/views/header.php in the Ushahidi Platform before 2.5 allow remote authenticated us… | |
| CVE-2012-3445 | low | — | 3.5 | 14y ago | The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of servi… | |
| CVE-2012-1344 | low | — | 3.5 | 14y ago | Cisco IOS 15.1 and 15.2, when a clientless SSL VPN is configured, allows remote authenticated users to cause a denial of service (device reload) by using a web browser to refresh the SSL VPN portal p… | |
| CVE-2012-1370 | low | — | 3.5 | 14y ago | Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 allows remote authenticated users to cause a denial of service (vpnagentd process crash) via a crafted packet, aka Bug ID CSCty01670. | |
| CVE-2012-2202 | low | — | 3.5 | 14y ago | Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allows remote authenticat… | |
| CVE-2012-2310 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in the cctags module for Drupal 6.x-1.x before 6.x-1.10 and 7.x-1.x before 7.x-1.10 allows remote authenticated users with certain roles to inject arbitrary w… | |
| CVE-2012-2309 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in the Glossify Internal Links Auto SEO module for Drupal 6.x-2.5 and earlier allows remote authenticated users with certain roles to inject arbitrary web scr… | |
| CVE-2012-2308 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in the Taxonomy Grid : Catalog module for Drupal 6.x-1.6 and earlier allows remote authenticated users with certain permissions to inject arbitrary web script… | |
| CVE-2012-3396 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in cohort/edit_form.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 allows remote authenticated administrato… | |
| CVE-2012-3393 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in repository/lib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 allows remote authenticated administrators to inject arbitrary web script or HTML by… | |
| CVE-2012-3390 | low | — | 3.5 | 14y ago | lib/filelib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not properly restrict file access after a block has been hidden, which allows remote authenticated users to obtain sensitive i… | |
| CVE-2012-2365 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the idnu… | |
| CVE-2012-2364 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script o… | |
| CVE-2012-2361 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php in the web services implementation in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authen… | |
| CVE-2012-2360 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in the Wiki subsystem in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web scrip… | |
| CVE-2012-3111 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect integrity, related to TECH,… | |
| CVE-2012-1764 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect integrity, related to MCF. | |
| CVE-2012-1762 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect integrity, related to TECH,… | |
| CVE-2012-1739 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect … | |
| CVE-2012-1733 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect confidentiality via unknown… | |
| CVE-2012-1727 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affe… | |
| CVE-2012-3371 | low | — | 3.5 | 14y ago | OpenStack Nova Scheduler denial of service through scheduler_hints | |
| CVE-2012-2214 | low | — | 3.5 | 14y ago | proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (applicat… | |
| CVE-2012-2725 | low | — | 3.5 | 14y ago | classes/Filter/WhitelistedExternalFilter.php in the Authoring HTML module 6.x-1.x before 6.x-1.1 for Drupal does not properly validate sources with the host white list, which allows remote authentica… | |
| CVE-2012-2381 | low | — | 3.5 | 14y ago | Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller before 5.0.1 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the blogger role. | |
| CVE-2012-1829 | low | — | 3.5 | 14y ago | Multiple cross-site scripting (XSS) vulnerabilities in AutoFORM PDM Archive before 6.920 allow remote authenticated users to inject arbitrary web script or HTML via unspecified fields. | |
| CVE-2012-2604 | low | — | 3.5 | 14y ago | Multiple cross-site scripting (XSS) vulnerabilities in GuestAccess.jsp in the Guest/Contractor access component in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote au… | |
| CVE-2012-2101 | low | — | 3.5 | 14y ago | Openstack Compute (Nova) Denial of service via network request that triggers large number of iptables rules | |
| CVE-2012-2340 | low | — | 3.5 | 14y ago | The Contact Forms module 7.x-1.x before 7.x-1.2 for Drupal does not specify sufficiently restrictive permissions, which allows remote authenticated users with the "access the site-wide contact form" … | |
| CVE-2012-1704 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affec… | |
| CVE-2012-1679 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affec… | |
| CVE-2012-1676 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affec… | |
| CVE-2012-0579 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0 through 10.5.0 and 11.0.0 through 11.4.0 allows remote authenticated users to… | |
| CVE-2012-0577 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0 through 10.5.0 and 11.0.0 through 11.4.0 allows remote authenticated users to… | |
| CVE-2012-0561 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect integrity, related to PIA C… | |
| CVE-2012-0544 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0 through 10.5.0 and 11.0.0 through 11.4.0 allows remote authenticated users to… | |
| CVE-2012-0541 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affec… | |
| CVE-2012-0531 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect integrity via unknown vectors related to Enterpri… | |
| CVE-2012-0529 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51 allows remote authenticated users to affect integrity via unknown vectors related to co… | |
| CVE-2012-0509 | low | — | 3.5 | 14y ago | Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2 and 5.3.0 through 5.3.4 allows remote authenticated users to affect integrity via… | |
| CVE-2012-0737 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |
| CVE-2012-0135 | low | — | 3.5 | 14y ago | Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors. | |
| CVE-2012-1979 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the email parameter (aka Ema… | |
| CVE-2012-1982 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in my_admin/admin1_list_pages.php in SocialCMS 1.0.2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the TR_title par… | |
| CVE-2012-1842 | low | — | 3.5 | 14y ago | Cross-site scripting (XSS) vulnerability in checkQKMProg.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with … | |
| CVE-2012-1082 | low | — | 3.5 | 15y ago | Cross-site scripting (XSS) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspec… | |
| CVE-2012-0991 | low | — | 3.5 | 15y ago | Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the formname parameter to (1) contrib/acog/print_form.php;… | |
| CVE-2012-0990 | low | — | 3.5 | 15y ago | Cross-site request forgery (CSRF) vulnerability in admin/settings/update in DClassifieds 0.1 final allows remote attackers to hijack the authentication of administrators for requests that modify acco… | |
| CVE-2012-0117 | low | — | 3.5 | 15y ago | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-048… | |
| CVE-2012-0112 | low | — | 3.5 | 15y ago | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CV… | |
| CVE-2012-0084 | low | — | 3.5 | 15y ago | Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5.2, 10.1.3.5.1, 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote authenticated users to affect integri… | |
| CVE-2012-0077 | low | — | 3.5 | 15y ago | Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4, 10.0.2, 10.3.3, 10.3.4, and 10.3.5 allows remote authenticated users to affect integrity, related … | |
| CVE-2012-1088 | low | — | 3.3 | 13y ago | iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by (1) configure or (2) examples/dhcp-client-script. | |
| CVE-2012-6607 | low | — | 3.3 | 13y ago | The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup … | |
| CVE-2012-0786 | low | — | 3.3 | 13y ago | The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file. | |
| CVE-2012-5564 | low | — | 3.3 | 14y ago | android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users to overwrite arbitrary files via a symlink attack on /tmp/adb.log. | |
| CVE-2012-0569 | low | — | 3.3 | 14y ago | Unspecified vulnerability Oracle Sun Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Install/smpatch. | |
| CVE-2012-3538 | low | — | 3.3 | 14y ago | Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log. | |
| CVE-2012-6348 | low | — | 3.3 | 14y ago | Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, … | |
| CVE-2012-6371 | low | — | 3.3 | 14y ago | The WPA2 implementation on the Belkin N900 F9K1104v1 router establishes a WPS PIN based on 6 digits of the LAN/WLAN MAC address, which makes it easier for remote attackers to obtain access to a Wi-Fi… | |
| CVE-2012-6337 | low | — | 3.3 | 14y ago | The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a pr… | |
| CVE-2012-6336 | low | — | 3.3 | 14y ago | The Missing Device feature in Lookout allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer." | |
| CVE-2012-6335 | low | — | 3.3 | 14y ago | The Anti-theft service in AVG AntiVirus for Android allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer." | |
| CVE-2012-4046 | low | — | 3.3 | 14y ago | The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and reading the _paramR["… | |
| CVE-2012-3329 | low | — | 3.3 | 14y ago | IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator (BoMC) through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via… | |
| CVE-2012-4691 | low | — | 3.3 | 14y ago | Memory leak in Siemens Automation License Manager (ALM) 4.x and 5.x before 5.2 allows remote attackers to cause a denial of service (memory consumption) via crafted packets. | |
| CVE-2012-2377 | low | — | 3.3 | 14y ago | JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups … | |
| CVE-2012-4366 | low | — | 3.3 | 14y ago | Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model F9K1104v1, N450 Model F9K1105V2, and N300 Model F7D2301v1 generate a predictable default WPA2-PSK passphrase based on eight digits of the… |