Search

Search Results (363262 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-4985 1 Forescout 1 Counteract 2025-04-11 N/A
The Forescout CounterACT NAC device 6.3.4.1 does not block ARP and ICMP traffic from unrecognized clients, which allows remote attackers to conduct ARP poisoning attacks via crafted packets.
CVE-2012-4987 1 Realnetworks 1 Realplayer 2025-04-11 N/A
Stack-based buffer overflow in RealNetworks RealPlayer 15.0.5.109 allows user-assisted remote attackers to execute arbitrary code via a crafted ZIP file that triggers incorrect processing of long pathnames by the Watch Folders feature.
CVE-2012-4989 1 Openx 1 Openx 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in admin/plugin-index.php in OpenX 2.8.10 before revision 81823 allows remote attackers to inject arbitrary web script or HTML via the parent parameter in an info action.
CVE-2012-4990 1 Openx 1 Openx 2025-04-11 N/A
SQL injection vulnerability in admin/campaign-zone-link.php in OpenX 2.8.10 before revision 81823 allows remote attackers to execute arbitrary SQL commands via the ids[] parameter in a link action.
CVE-2012-4991 1 Axway 1 Securetransport 2025-04-11 N/A
Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authenticated users to (1) read, (2) delete, or (3) create files, or (4) list directories, via a ..%5C (encoded dot dot backslash) in a URI.
CVE-2012-4992 1 Flashfxp 1 Flashfxp 2025-04-11 N/A
Multiple buffer overflows in FlashFXP.exe in FlashFXP 4.2 allow remote authenticated users to execute arbitrary code via a long unicode string to (1) TListbox or (2) TComboBox.
CVE-2012-4993 1 Rivetcode 1 Rivettracker 2025-04-11 N/A
torrent_functions.php in RivetTracker 1.03 and earlier does not properly restrict access, which allows remote attackers to have an unspecified impact.
CVE-2012-4994 1 Limesurvey 1 Limesurvey 2025-04-11 N/A
SQL injection vulnerability in admin/admin.php in LimeSurvey before 1.91+ Build 120224 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a browse action. NOTE: some of these details are obtained from third party information.
CVE-2012-4995 1 Limesurvey 1 Limesurvey 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in admin/userrighthandling.php in LimeSurvey before 1.91+ Build 120224 allows remote attackers to inject arbitrary web script or HTML via the full_name parameter in a moduser action to admin/admin.php. NOTE: some of these details are obtained from third party information.
CVE-2012-4996 1 Rivetcode 1 Rivettracker 2025-04-11 N/A
Multiple SQL injection vulnerabilities in RivetTracker 1.03 and earlier allow remote attackers to execute arbitrary SQL commands via the hash parameter to (1) dltorrent.php or (2) torrent_functions.php.
CVE-2012-4997 1 Anecms 1 Anecms 2025-04-11 N/A
Directory traversal vulnerability in acp/index.php in AneCMS allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
CVE-2012-4998 1 Starcms 1 Starcms 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in index.php in starCMS allows remote attackers to inject arbitrary web script or HTML via the q parameter.
CVE-2012-4999 1 Mercurycom 2 Mr804, Mr804 Firmware 2025-04-11 N/A
Mercury MR804 Router 8.0 3.8.1 Build 101220 Rel.53006nB allows remote attackers to cause a denial of service (service hang) via a crafted string in HTTP header fields such as (1) If-Modified-Since, (2) If-None-Match, or (3) If-Unmodified-Since. NOTE: some of these details are obtained from third party information.
CVE-2012-5000 2 Blueteck, Dzcp 2 Witze Addon, Dev\!l\'z Clanportal 2025-04-11 N/A
SQL injection vulnerability in jokes/index.php in the Witze addon 0.9 for deV!L'z Clanportal allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.
CVE-2012-5001 1 Hitachi 1 Jp1\/cm2\/network Node Manager 2025-04-11 N/A
Multiple unspecified vulnerabilities in Hitachi JP1/Cm2/Network Node Manager i before 09-50-03 allow remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors.
CVE-2012-5002 1 Ricoh 2 Dl-10, Sr10 Ftp Server 2025-04-11 N/A
Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a long USER FTP command.
CVE-2012-5003 1 Nomachine 1 Nx Web Companion 2025-04-11 N/A
nxapplet.jar in No Machine NX Web Companion 3.x and earlier does not properly verify the authenticity of updates, which allows user-assisted remote attackers to execute arbitrary code via a crafted (1) SiteUrl or (2) RedirectUrl parameter that points to a Trojan Horse client.zip update file.
CVE-2012-5004 1 Parallels 1 H-sphere 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Parallels H-Sphere 3.3 Patch 1 allow remote attackers to hijack the authentication of admins for requests that (1) add group plans via admin/group_plans.html or (2) add extra packages via admin/extra_packs/create_extra_pack.html.
CVE-2012-5005 1 Frankdeveloper 1 Vr Gpub 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in admin/admin_options.php in VR GPub 4.0 allows remote attackers to hijack the authentication of admins for requests that add admin accounts via an add action.
CVE-2012-5006 1 Caminova 1 Djvu Browser Plug-in 2025-04-11 N/A
Heap-based buffer overflow in npdjvu.dll in Caminova DjVu Browser Plug-in 6.1.4 Build 27351 and other versions before 6.1.4.27993 allows remote attackers to execute arbitrary code via a crafted Sjbz chunk in a djvu file.