257101
|
- |
|
sielcosistemi
|
winlog_pro winlog_lite
|
Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP…
|
CWE-20
Improper Input Validation
|
CVE-2012-4357
|
2012-08-20 13:00 |
2012-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257102
|
- |
|
sielcosistemi
|
winlog_pro winlog_lite
|
Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of servic…
|
CWE-20
Improper Input Validation
|
CVE-2012-4358
|
2012-08-20 13:00 |
2012-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257103
|
- |
|
sielcosistemi
|
winlog_pro winlog_lite
|
Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of servic…
|
CWE-20
Improper Input Validation
|
CVE-2012-4359
|
2012-08-20 13:00 |
2012-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257104
|
- |
|
bloxx
|
web_filtering
|
Multiple cross-site scripting (XSS) vulnerabilities in Bloxx Web Filtering before 5.0.14 allow (1) remote attackers to inject arbitrary web script or HTML via web traffic that is examined within the …
|
CWE-79
Cross-site Scripting
|
CVE-2012-2563
|
2012-08-19 12:44 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257105
|
- |
|
bloxx
|
web_filtering
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Bloxx Web Filtering before 5.0.14 allow remote attackers to hijack the authentication of administrators f…
|
CWE-352
Origin Validation Error
|
CVE-2012-2564
|
2012-08-19 12:44 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257106
|
- |
|
bloxx
|
web_filtering
|
Bloxx Web Filtering before 5.0.14 does not use a salt during calculation of a password hash, which makes it easier for context-dependent attackers to determine cleartext passwords via a rainbow-table…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2565
|
2012-08-19 12:44 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257107
|
- |
|
bloxx
|
web_filtering
|
Bloxx Web Filtering before 5.0.14 does not properly interpret X-Forwarded-For headers during access-control and logging operations for HTTPS connection attempts, which allows remote attackers to bypa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2566
|
2012-08-19 12:44 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257108
|
- |
|
sap
|
netweaver
|
The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace config…
|
CWE-20
Improper Input Validation
|
CVE-2012-2611
|
2012-08-19 12:44 |
2012-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257109
|
- |
|
cisco
|
wireless_control_system_software
|
The TAC Case Attachment tool in Cisco Wireless Control System (WCS) 7.0 allows remote authenticated users to read arbitrary files under webnms/Temp/ via unspecified vectors, aka Bug ID CSCtq86807.
|
CWE-200
Information Exposure
|
CVE-2011-4014
|
2012-08-19 12:38 |
2012-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257110
|
- |
|
lattice_semiconductor
|
lattice_diamond_programmer
|
Buffer overflow in programmer.exe in Lattice Diamond Programmer 1.4.2 allows user-assisted remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long stri…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2614
|
2012-08-18 13:00 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|