261401
|
- |
|
nicolas_tormo
|
phppaleo
|
Directory traversal vulnerability in index.php in phpPaleo 4.8b155 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
|
CWE-22
Path Traversal
|
CVE-2012-1671
|
2013-01-31 14:00 |
2012-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261402
|
- |
|
foxitsoftware
|
foxit_advanced_pdf_editor
|
Stack-based buffer overflow in Foxit Advanced PDF Editor 3 before 3.04 might allow remote attackers to execute arbitrary code via a crafted document containing instructions that reconstruct a certain…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0107
|
2013-01-30 14:00 |
2013-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261403
|
- |
|
ibm
|
websphere_application_server
|
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.1, 7.0 before 7.0.0.27, 8.0, and 8.5 has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2013-0462
|
2013-01-30 14:00 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261404
|
- |
|
ge
|
intelligent_platforms_proficy_real-time_information_portal
|
The Portal installation process in GE Intelligent Platforms Proficy Real-Time Information Portal stores sensitive information under the web root with insufficient access control, which allows remote …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0651
|
2013-01-30 14:00 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261405
|
- |
|
ge
|
intelligent_platforms_proficy_real-time_information_portal
|
GE Intelligent Platforms Proficy Real-Time Information Portal does not restrict access to methods of an unspecified Java class, which allows remote attackers to obtain a username listing via an RMI c…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0652
|
2013-01-30 14:00 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261406
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy se…
|
CWE-16
Configuration
|
CVE-2013-1450
|
2013-01-30 14:00 |
2013-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261407
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not ensure that the SSL lock icon is consistent…
|
CWE-16
Configuration
|
CVE-2013-1451
|
2013-01-30 14:00 |
2013-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261408
|
- |
|
freebsd
|
freebsd
|
The SCTP implementation in FreeBSD 8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted ASCONF chunk.
|
NVD-CWE-Other
|
CVE-2012-3549
|
2013-01-30 14:00 |
2012-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261409
|
- |
|
freebsd
|
freebsd
|
Per: http://cwe.mitre.org/data/definitions/476.html
'CWE-476: NULL Pointer Dereference'
|
NVD-CWE-Other
|
CVE-2012-3549
|
2013-01-30 14:00 |
2012-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261410
|
- |
|
wellintech
|
kingview
|
WellinTech KingView 6.5.3 and earlier uses a weak password-hashing algorithm, which makes it easier for local users to discover credentials by reading an unspecified file.
|
CWE-310
Cryptographic Issues
|
CVE-2012-4899
|
2013-01-30 14:00 |
2012-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|