259851
|
- |
|
bradfordnetworks
|
network_sentry_appliance_software network_sentry_appliance
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote attackers to hijack the authentication of administrator…
|
CWE-352
Origin Validation Error
|
CVE-2012-2605
|
2012-06-14 00:55 |
2012-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259852
|
- |
|
bradfordnetworks
|
network_sentry_appliance_software network_sentry_appliance
|
The agent in Bradford Network Sentry before 5.3.3 does not require authentication for messages, which allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted p…
|
CWE-287
Improper Authentication
|
CVE-2012-2606
|
2012-06-14 00:55 |
2012-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259853
|
- |
|
adobe
|
coldfusion
|
CRLF injection vulnerability in the Component Browser in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via un…
|
CWE-94
Code Injection
|
CVE-2012-2041
|
2012-06-13 13:46 |
2012-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259854
|
- |
|
forescout
|
counteract
|
Multiple cross-site scripting (XSS) vulnerabilities in the status program on the ForeScout CounterACT appliance with software 6.3.3.2 through 6.3.4.10 allow remote attackers to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1825
|
2012-06-12 13:00 |
2012-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259855
|
- |
|
siemens
|
wincc
|
Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors …
|
CWE-79
Cross-site Scripting
|
CVE-2012-2595
|
2012-06-12 13:00 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259856
|
- |
|
siemens
|
wincc
|
The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to …
|
CWE-94
Code Injection
|
CVE-2012-2596
|
2012-06-12 13:00 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259857
|
- |
|
siemens
|
wincc
|
Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL.
|
CWE-22
Path Traversal
|
CVE-2012-2597
|
2012-06-12 13:00 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259858
|
- |
|
siemens
|
wincc
|
Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2598
|
2012-06-12 13:00 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259859
|
- |
|
bmc
|
identity_management_suite
|
Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote attackers to hijack the authentication of administrato…
|
CWE-352
Origin Validation Error
|
CVE-2012-2959
|
2012-06-12 13:00 |
2012-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259860
|
- |
|
siemens
|
wincc
|
Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks vi…
|
CWE-20
Improper Input Validation
|
CVE-2012-3003
|
2012-06-12 13:00 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|