257371
|
- |
|
yahoo
|
toolbar
|
Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows remote attackers to modify the configured search URL, and intercept search terms, via a crafted web page.
|
CWE-200
Information Exposure
|
CVE-2012-2647
|
2012-07-31 19:45 |
2012-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257372
|
- |
|
iconics
|
genesis32 bizviz
|
The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authen…
|
CWE-310
Cryptographic Issues
|
CVE-2012-3018
|
2012-07-31 19:45 |
2012-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257373
|
- |
|
apple
|
xcode
|
Apple Xcode before 4.4 does not properly compose a designated requirement (DR) during signing of programs that lack bundle identifiers, which allows remote attackers to read keychain entries via a cr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3698
|
2012-07-31 13:00 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257374
|
- |
|
apple
|
safari
|
Apple Safari before 6.0 allows remote attackers to read arbitrary files via a feed:// URL.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0679
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257375
|
- |
|
plaatsoft
|
addressbook
|
Cross-site request forgery (CSRF) vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vector…
|
CWE-352
Origin Validation Error
|
CVE-2012-2307
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257376
|
- |
|
wearepropeople
|
glossify_internal_links_auto_seo
|
Cross-site scripting (XSS) vulnerability in the Glossify Internal Links Auto SEO module for Drupal 6.x-2.5 and earlier allows remote authenticated users with certain roles to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2309
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257377
|
- |
|
nedprod
|
nedmalloc
|
Multiple integer overflows in the (1) CallMalloc (malloc) and (2) nedpcalloc (calloc) functions in nedmalloc (nedmalloc.c) before 1.10 beta2 make it easier for context-dependent attackers to perform …
|
CWE-189
Numeric Errors
|
CVE-2012-2675
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257378
|
- |
|
emery_berger
|
hoard
|
Multiple integer overflows in the (1) malloc and (2) calloc functions in Hoard before 3.9 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows on …
|
CWE-189
Numeric Errors
|
CVE-2012-2676
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257379
|
- |
|
invensys
|
foxboro_control_software infusion_ce\/fe\/scada intouch intouch\/wonderware_application_server wonderware_historian wonderware_inbatch wonderware_information_server
|
Untrusted search path vulnerability in Invensys Wonderware InTouch 2012 and earlier, as used in Wonderware Application Server, Wonderware Information Server, Foxboro Control Software, InFusion CE/FE/…
|
NVD-CWE-Other
|
CVE-2012-3005
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257380
|
- |
|
invensys
|
foxboro_control_software infusion_ce\/fe\/scada intouch intouch\/wonderware_application_server wonderware_historian wonderware_inbatch wonderware_information_server
|
Per: http://cwe.mitre.org/data/definitions/426.html
'CWE-426: Untrusted Search Path'
|
NVD-CWE-Other
|
CVE-2012-3005
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|