261591
|
- |
|
welcart
|
welcart_plugin
|
Cross-site scripting (XSS) vulnerability in the Welcart plugin before 1.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5177
|
2012-12-20 03:58 |
2012-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261592
|
- |
|
realnetworks
|
realplayer realplayer_sp
|
RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers to execute arbitrary code via a RealAudio file that triggers access to an invalid pointer.
|
CWE-94
Code Injection
|
CVE-2012-5690
|
2012-12-19 20:55 |
2012-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261593
|
- |
|
realnetworks
|
realplayer realplayer_sp
|
Buffer overflow in RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted RealMedia file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5691
|
2012-12-19 20:55 |
2012-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261594
|
- |
|
huawei
|
e585 e585u-82
|
Multiple directory traversal vulnerabilities on the Huawei E585 device allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the PATH_INFO of an sdcard/ request or (2) modify arbit…
|
CWE-22
Path Traversal
|
CVE-2012-5969
|
2012-12-19 20:55 |
2012-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261595
|
- |
|
invensys siemens
|
wonderware_intouch processsuite
|
Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by re…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4693
|
2012-12-19 14:00 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261596
|
- |
|
owncloud
|
owncloud
|
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a crafted mount.php file in a ZIP file.
|
NVD-CWE-Other
|
CVE-2012-5609
|
2012-12-19 14:00 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261597
|
- |
|
owncloud
|
owncloud
|
Per: http://cwe.mitre.org/data/definitions/184.html 'CWE-184: Incomplete Blacklist'
|
NVD-CWE-Other
|
CVE-2012-5609
|
2012-12-19 14:00 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261598
|
- |
|
libssh
|
libssh
|
Double free vulnerability in the sftp_mkdir function in sftp.c in libssh before 0.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified …
|
CWE-399
Resource Management Errors
|
CVE-2012-6063
|
2012-12-19 14:00 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261599
|
- |
|
etalabs
|
musl
|
Stack-based buffer overflow in fprintf in musl before 0.8.8 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string to…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2114
|
2012-12-19 13:52 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261600
|
- |
|
redhat
|
policykit
|
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effec…
|
CWE-362
Race Condition
|
CVE-2011-1485
|
2012-12-19 13:39 |
2011-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|