257331
|
- |
|
digium
|
asterisk
|
Per: http://cwe.mitre.org/data/definitions/476.html
'CWE-476: NULL Pointer Dereference'
|
NVD-CWE-Other
|
CVE-2012-3553
|
2012-06-26 13:00 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257332
|
- |
|
dell
|
wyse_device_manager
|
hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote attackers to obtain management access via a crafted query, as demonstrated by a V52 que…
|
CWE-287
Improper Authentication
|
CVE-2009-0695
|
2012-06-26 13:00 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257333
|
- |
|
php
|
php
|
PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2001-1247
|
2012-06-25 13:00 |
2001-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257334
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain SSLv2 configuration with client authentication is used, allows remote attackers to bypass X.509 client-certificate authentication …
|
CWE-287
Improper Authentication
|
CVE-2012-0717
|
2012-06-21 13:00 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257335
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linu…
|
CWE-20
Improper Input Validation
|
CVE-2012-2493
|
2012-06-21 13:00 |
2012-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257336
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to t…
|
CWE-20
Improper Input Validation
|
CVE-2012-2494
|
2012-06-21 13:00 |
2012-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257337
|
- |
|
cisco
|
anyconnect_secure_mobility_client secure_desktop
|
The HostScan downloader implementation in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR8 and Cisco Secure Desktop before 3.6.6020 does not compare the timestamp of offered software to the…
|
CWE-20
Improper Input Validation
|
CVE-2012-2495
|
2012-06-21 13:00 |
2012-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257338
|
- |
|
adiscon
|
loganalyzer
|
Cross-site scripting (XSS) vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the highlight param…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3790
|
2012-06-21 13:00 |
2012-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257339
|
- |
|
openssl
|
openssl
|
The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when FIPS mode is enabled, does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obt…
|
CWE-310
Cryptographic Issues
|
CVE-2011-5095
|
2012-06-21 13:00 |
2012-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257340
|
- |
|
kent-web
|
web_patio
|
Cross-site scripting (XSS) vulnerability in KENT-WEB WEB PATIO 4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2636
|
2012-06-20 13:00 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|