261661
|
- |
|
coolpdf
|
coolpdf
|
Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows remote attackers to execute arbitrary code via a PDF document with a crafted stream.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4914
|
2013-01-28 14:00 |
2013-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261662
|
- |
|
tp-link
|
tl-wr841n_firmware tl-wr841n
|
Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitr…
|
CWE-22
Path Traversal
|
CVE-2012-6276
|
2013-01-28 14:00 |
2013-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261663
|
- |
|
oracle
|
mojarra
|
Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application Server, Caucho Resin, and other applications, does not properly handle an unencrypted view state, which allows remote attackers t…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2087
|
2013-01-28 14:00 |
2010-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261664
|
- |
|
typsoft
|
typsoft_ftp_server
|
Buffer overflow in TYPSoft FTP Server 1.1 allows remote authenticated users to cause a denial of service (application crash) via a long string in an APPE command.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5329
|
2013-01-26 13:58 |
2012-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261665
|
- |
|
phpmyadmin
|
phpmyadmin
|
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of (1) an event, (2) a …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5339
|
2013-01-26 13:58 |
2012-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261666
|
- |
|
phpmyadmin
|
phpmyadmin
|
phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting (XS…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5368
|
2013-01-26 13:58 |
2012-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261667
|
- |
|
phpmyadmin
|
phpmyadmin
|
phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allo…
|
CWE-94
Code Injection
|
CVE-2012-5159
|
2013-01-26 13:57 |
2012-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261668
|
- |
|
phpmyadmin
|
phpmyadmin
|
Although not found in all distributions of this software, the vulnerability was scored assuming that it was. End-users will need to identify whether their distribution does in fact contain the vulner…
|
CWE-94
Code Injection
|
CVE-2012-5159
|
2013-01-26 13:57 |
2012-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261669
|
- |
|
rockwellautomation
|
controllogix_controllers guardlogix_controllers micrologix softlogix_controllers 1756-enbt 1756-eweb 1768-enbt 1768-eweb 1794-aentr_flex_i\/o_ethernet\/ip_adapter compactlo…
|
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/…
|
CWE-200
Information Exposure
|
CVE-2012-6441
|
2013-01-26 01:32 |
2013-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261670
|
- |
|
rockwellautomation
|
controllogix_controllers guardlogix_controllers micrologix softlogix_controllers 1756-enbt 1756-eweb 1768-enbt 1768-eweb 1794-aentr_flex_i\/o_ethernet\/ip_adapter compactlo…
|
The web-server password-authentication functionality in Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E cont…
|
CWE-287
Improper Authentication
|
CVE-2012-6440
|
2013-01-26 01:31 |
2013-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|