|
263401
|
- |
|
nimbuzz
|
nimbuzz
|
The Nimbuzz (com.nimbuzz) application 2.0.8 and 2.0.10 for Android does not properly protect data, which allows remote attackers to read or modify a contact list via a crafted application.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4702
|
2012-01-25 14:00 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263402
|
- |
|
voxofon
|
voxofon
|
The Voxofon (com.voxofon) application before 2.5.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS information via a crafted application.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4704
|
2012-01-25 14:00 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263403
|
- |
|
ming
|
blacklist_free
|
The Ming Blacklist Free (vc.software.blacklist) application 1.8.1 and 1.9.2.1 for Android does not properly protect data, which allows remote attackers to read or modify blacklists and a contact list…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4705
|
2012-01-25 14:00 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263404
|
- |
|
stone-ware
|
webnetwork
|
SQL injection vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-0912
|
2012-01-25 01:56 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263405
|
- |
|
stone-ware
|
webnetwork
|
Cross-site request forgery (CSRF) vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to hijack the authentication of unspecified victims for requests that modify user accoun…
|
CWE-352
Origin Validation Error
|
CVE-2012-0286
|
2012-01-25 01:53 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263406
|
- |
|
stone-ware
|
webnetwork
|
Multiple cross-site scripting (XSS) vulnerabilities in Stoneware webNetwork before 6.0.8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-0285
|
2012-01-25 00:55 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263407
|
- |
|
glucose
|
glucose_2
|
Cross-site scripting (XSS) vulnerability in glucose 2 before stage 6.2 allows remote attackers to inject arbitrary web script or HTML via an RSS feed.
|
CWE-79
Cross-site Scripting
|
CVE-2012-0313
|
2012-01-24 14:00 |
2012-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263408
|
- |
|
emc
|
rsa_adaptive_authentication_on-premise
|
EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly implement Device Recovery and Device Identification, which might allow …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2741
|
2012-01-24 13:00 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263409
|
- |
|
emc
|
rsa_adaptive_authentication_on-premise
|
EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 does not properly perform forensic evaluation upon receipt of device tokens from mobile a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2742
|
2012-01-24 13:00 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263410
|
- |
|
yahoo
|
messenger
|
Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo! Messenger before 11.5.0.155, when photo sharing is enabled, might allow remote attackers to execute arbitrary code via a crafte…
|
CWE-189
Numeric Errors
|
CVE-2012-0268
|
2012-01-23 14:00 |
2012-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
