|
257341
|
- |
|
kent-web
|
web_patio
|
Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO 4.04 and earlier might allow remote attackers to inject arbitrary web script or HTML via a crafted cookie.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2637
|
2012-06-20 13:00 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257342
|
- |
|
wap2
|
smallpict
|
Cross-site scripting (XSS) vulnerability in SmallPICT.cgi in SmallPICT before 2.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2638
|
2012-06-20 13:00 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257343
|
- |
|
opera
|
opera_browser
|
Opera before 11.65 does not ensure that keyboard sequences are associated with a visible window, which makes it easier for user-assisted remote attackers to conduct cross-site scripting (XSS) attacks…
|
NVD-CWE-noinfo
|
CVE-2012-3555
|
2012-06-20 13:00 |
2012-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257344
|
- |
|
interactivedata
|
esignal
|
WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long StyleTemplate element in a QUO, SUM or POR …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3494
|
2012-06-20 13:00 |
2011-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257345
|
- |
|
dell
|
wyse_device_manager
|
Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x allow remote attackers to execute arbitrary code via (1) the User-Agent HTTP header to hserver.dll or (2) unspecified input to hagent.exe.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-0693
|
2012-06-20 13:00 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257346
|
- |
|
mozilla
|
firefox
seamonkey
thunderbird
|
Use-after-free vulnerability in the nsHTMLSelectElement function in nsHTMLSelectElement.cpp in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allows remote att…
|
CWE-399
Resource Management Errors
|
CVE-2011-3671
|
2012-06-19 13:00 |
2012-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257347
|
- |
|
gnu
|
gnash
|
The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2) /tmp/gnash-configure-warnings.$$, or (3) /tmp/g…
|
CWE-59
Link Following
|
CVE-2010-4337
|
2012-06-19 12:35 |
2011-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257348
|
- |
|
seil
|
b1
x1
x2
b1_firmware
x86_firmware
|
SEIL routers with firmware SEIL/x86 1.00 through 2.35, SEIL/X1 2.30 through 3.75, SEIL/X2 2.30 through 3.75, and SEIL/B1 2.30 through 3.75, when the http-proxy and application-gateway features are en…
|
NVD-CWE-Other
|
CVE-2012-2632
|
2012-06-18 13:00 |
2012-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257349
|
- |
|
newsgator
|
feeddemon
|
Cross-site scripting (XSS) vulnerability in FeedDemon before 4.0, when the feed preview option is enabled, allows remote attackers to inject arbitrary web script or HTML via a feed.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2634
|
2012-06-18 13:00 |
2012-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257350
|
- |
|
dolphin-browser
|
dolphin_browser_hd
dolphin_for_pad
|
The Dolphin Browser HD application before 7.6 and Dolphin for Pad application before 1.0.1 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive i…
|
CWE-200
Information Exposure
|
CVE-2012-2635
|
2012-06-18 13:00 |
2012-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
