|
258041
|
- |
|
typo3
|
typo3
|
PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x before 4.6.2, and development versions of 4.…
|
CWE-94
Code Injection
|
CVE-2011-4614
|
2012-02-29 14:00 |
2012-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258042
|
- |
|
tencent
|
mobileqq
|
The Tencent MobileQQ (com.tencent.mobileqq) application 2.2 for Android does not properly protect data, which allows remote attackers to read or modify messages and a friends list via a crafted appli…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4864
|
2012-02-29 14:00 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258043
|
- |
|
tencent
|
microblogpad
wblog
|
The Tencent WBlog (com.tencent.WBlog) 3.3.1 and MicroBlogPad 1.4.0 applications for Android do not properly protect data, which allows remote attackers to read or modify message drafts and search key…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4865
|
2012-02-29 14:00 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258044
|
- |
|
netcreators
|
irfaq
|
Open redirect vulnerability in the Modern FAQ (irfaq) extension 1.1.2 and other versions before 1.1.4 for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing a…
|
CWE-20
Improper Input Validation
|
CVE-2011-5079
|
2012-02-29 14:00 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258045
|
- |
|
utc
|
utc_fire_\&_security_ge-mc100-ntp\/gps-zb_master_clock_device
|
The UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock device uses hardcoded credentials for an administrative account, which makes it easier for remote attackers to obtain access via an HTTP sessi…
|
CWE-255
Credentials Management
|
CVE-2012-1288
|
2012-02-27 14:00 |
2012-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258046
|
- |
|
sap
|
netweaver
|
Unspecified vulnerability in the MessagingSystem servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the MessagingSystem Performance Data via unspecified vector…
|
NVD-CWE-noinfo
|
CVE-2012-1292
|
2012-02-27 14:00 |
2012-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258047
|
- |
|
adobe
|
shockwave_player
|
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a dif…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0766
|
2012-02-25 13:21 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258048
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
The RV20 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle the frame size array, which allows remote attackers to ex…
|
CWE-94
Code Injection
|
CVE-2012-0923
|
2012-02-25 13:21 |
2012-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258049
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via vectors involving a VIDOBJ_START_CODE code in …
|
CWE-94
Code Injection
|
CVE-2012-0924
|
2012-02-25 13:21 |
2012-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258050
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
The RV10 codec in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, does not properly handle height and width values, which allows remote attackers to…
|
CWE-94
Code Injection
|
CVE-2012-0926
|
2012-02-25 13:21 |
2012-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
