259101
|
- |
|
renren
|
renren_talk
|
Heap-based buffer overflow in RenRen Talk 2.9 allows remote attackers to execute arbitrary code via a crafted image in a chat message, as demonstrated using a PNG file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0916
|
2012-01-26 03:48 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259102
|
- |
|
oetiker
|
smokeping
|
Cross-site scripting (XSS) vulnerability in smokeping_cgi in Smokeping 2.4.2, 2.6.6, and other versions before 2.6.7 allows remote attackers to inject arbitrary web script or HTML via the displaymode…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0790
|
2012-01-25 14:00 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259103
|
- |
|
renren
|
renren_talk
|
Integer signedness error in RenRen Talk 2.9 allows remote attackers to execute arbitrary code via crafted dimensions of a skin file, leading to a heap-based buffer overflow, as demonstrated using a B…
|
CWE-189
Numeric Errors
|
CVE-2012-0915
|
2012-01-25 14:00 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259104
|
- |
|
xiaomi
|
mitalk_messenger
|
The Xiaomi MiTalk Messenger (com.xiaomi.channel) application before 2.1.320 for Android does not properly protect data, which allows remote attackers to read or modify messaging information via a cra…
|
CWE-200
Information Exposure
|
CVE-2011-4697
|
2012-01-25 14:00 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259105
|
- |
|
hatena
|
callconfirm
|
The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 for Android does not properly protect data, which allows remote attackers to read or modify allow/block lists via a crafted appl…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4701
|
2012-01-25 14:00 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259106
|
- |
|
nimbuzz
|
nimbuzz
|
The Nimbuzz (com.nimbuzz) application 2.0.8 and 2.0.10 for Android does not properly protect data, which allows remote attackers to read or modify a contact list via a crafted application.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4702
|
2012-01-25 14:00 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259107
|
- |
|
voxofon
|
voxofon
|
The Voxofon (com.voxofon) application before 2.5.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS information via a crafted application.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4704
|
2012-01-25 14:00 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259108
|
- |
|
ming
|
blacklist_free
|
The Ming Blacklist Free (vc.software.blacklist) application 1.8.1 and 1.9.2.1 for Android does not properly protect data, which allows remote attackers to read or modify blacklists and a contact list…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4705
|
2012-01-25 14:00 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259109
|
- |
|
stone-ware
|
webnetwork
|
SQL injection vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-0912
|
2012-01-25 01:56 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259110
|
- |
|
stone-ware
|
webnetwork
|
Cross-site request forgery (CSRF) vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to hijack the authentication of unspecified victims for requests that modify user accoun…
|
CWE-352
Origin Validation Error
|
CVE-2012-0286
|
2012-01-25 01:53 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|