257081
|
- |
|
psyced
|
psyced
|
psyced before 20120821 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted.
|
CWE-20
Improper Input Validation
|
CVE-2012-4671
|
2012-08-27 13:00 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257082
|
- |
|
thomas_hunter
|
neoinvoice
|
SQL injection vulnerability in application/controllers/invoice.php in NeoInvoice might allow remote attackers to execute arbitrary SQL commands via vectors involving the sort_col variable in the list…
|
CWE-89
SQL Injection
|
CVE-2012-4673
|
2012-08-27 13:00 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257083
|
- |
|
google
|
tunnelblick
|
The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability tha…
|
CWE-59
Link Following
|
CVE-2012-4676
|
2012-08-27 13:00 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257084
|
- |
|
google
|
tunnelblick
|
Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by using a crafted Info.plist file to control the gOkIfNotSecure value.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4677
|
2012-08-27 13:00 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257085
|
- |
|
comodo
|
comodo_internet_security
|
Multiple race conditions in Comodo Internet Security before 5.8.213334.2131 allow local users to bypass the Defense+ feature via unspecified vectors.
|
CWE-362
Race Condition
|
CVE-2011-5118
|
2012-08-27 13:00 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257086
|
- |
|
comodo
|
comodo_internet_security
|
Multiple race conditions in Comodo Internet Security before 5.8.211697.2124 allow local users to bypass the Defense+ feature via unspecified vectors.
|
CWE-362
Race Condition
|
CVE-2011-5119
|
2012-08-27 13:00 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257087
|
- |
|
comodo
|
comodo_internet_security
|
The Antivirus component in Comodo Internet Security before 5.4.189822.1355 allows remote attackers to cause a denial of service (application crash) via a crafted .PST file.
|
NVD-CWE-noinfo
|
CVE-2011-5120
|
2012-08-27 13:00 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257088
|
- |
|
comodo
|
comodo_internet_security
|
The Antivirus component in Comodo Internet Security before 5.3.175888.1227 does not properly check whether unspecified X.509 certificates are revoked, which has unknown impact and remote attack vecto…
|
CWE-310
Cryptographic Issues
|
CVE-2011-5121
|
2012-08-27 13:00 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257089
|
- |
|
silverstripe
|
silverstripe
|
The Security/changepassword URL action in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 passes a token as a GET parameter while changing a password through email, which allows remote attack…
|
CWE-255 CWE-352
Credentials Management Origin Validation Error
|
CVE-2010-5080
|
2012-08-27 13:00 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257090
|
- |
|
silverstripe
|
silverstripe
|
SilverStripe before 2.4.2 does not properly restrict access to pages in draft mode, which allows remote attackers to obtain sensitive information.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5089
|
2012-08-27 13:00 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|