|
257251
|
- |
|
wearepropeople
|
glossify_internal_links_auto_seo
|
Cross-site scripting (XSS) vulnerability in the Glossify Internal Links Auto SEO module for Drupal 6.x-2.5 and earlier allows remote authenticated users with certain roles to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2309
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257252
|
- |
|
nedprod
|
nedmalloc
|
Multiple integer overflows in the (1) CallMalloc (malloc) and (2) nedpcalloc (calloc) functions in nedmalloc (nedmalloc.c) before 1.10 beta2 make it easier for context-dependent attackers to perform …
|
CWE-189
Numeric Errors
|
CVE-2012-2675
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257253
|
- |
|
emery_berger
|
hoard
|
Multiple integer overflows in the (1) malloc and (2) calloc functions in Hoard before 3.9 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows on …
|
CWE-189
Numeric Errors
|
CVE-2012-2676
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257254
|
- |
|
invensys
|
foxboro_control_software
infusion_ce\/fe\/scada
intouch
intouch\/wonderware_application_server
wonderware_historian
wonderware_inbatch
wonderware_information_server
|
Untrusted search path vulnerability in Invensys Wonderware InTouch 2012 and earlier, as used in Wonderware Application Server, Wonderware Information Server, Foxboro Control Software, InFusion CE/FE/…
|
NVD-CWE-Other
|
CVE-2012-3005
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257255
|
- |
|
invensys
|
foxboro_control_software
infusion_ce\/fe\/scada
intouch
intouch\/wonderware_application_server
wonderware_historian
wonderware_inbatch
wonderware_information_server
|
Per: http://cwe.mitre.org/data/definitions/426.html
'CWE-426: Untrusted Search Path'
|
NVD-CWE-Other
|
CVE-2012-3005
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257256
|
- |
|
siemens
|
simatic_pcs7
simatic_step_7
|
Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse D…
|
NVD-CWE-Other
|
CVE-2012-3015
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257257
|
- |
|
siemens
|
simatic_pcs7
simatic_step_7
|
Per: http://cwe.mitre.org/data/definitions/426.html
'CWE-426: Untrusted Search Path'
|
NVD-CWE-Other
|
CVE-2012-3015
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257258
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site.
|
CWE-20
Improper Input Validation
|
CVE-2012-3689
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257259
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 does not properly handle file: URLs, which allows remote attackers to bypass intended sandbox restrictions and read arbitrary files by leveraging a WebProcess compro…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3697
|
2012-07-30 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257260
|
- |
|
comodo
|
comodo_antivirus
|
The Microsoft Office file parser in Comodo Antivirus 7425 allows remote attackers to bypass malware detection via an Office file with a \50\4B\53\70\58 character sequence at a certain location.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1437
|
2012-07-28 12:30 |
2012-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
