Search

Search Results (363530 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-4999 1 Mercurycom 2 Mr804, Mr804 Firmware 2025-04-11 N/A
Mercury MR804 Router 8.0 3.8.1 Build 101220 Rel.53006nB allows remote attackers to cause a denial of service (service hang) via a crafted string in HTTP header fields such as (1) If-Modified-Since, (2) If-None-Match, or (3) If-Unmodified-Since. NOTE: some of these details are obtained from third party information.
CVE-2012-5000 2 Blueteck, Dzcp 2 Witze Addon, Dev\!l\'z Clanportal 2025-04-11 N/A
SQL injection vulnerability in jokes/index.php in the Witze addon 0.9 for deV!L'z Clanportal allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.
CVE-2012-5001 1 Hitachi 1 Jp1\/cm2\/network Node Manager 2025-04-11 N/A
Multiple unspecified vulnerabilities in Hitachi JP1/Cm2/Network Node Manager i before 09-50-03 allow remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors.
CVE-2012-5002 1 Ricoh 2 Dl-10, Sr10 Ftp Server 2025-04-11 N/A
Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a long USER FTP command.
CVE-2012-5003 1 Nomachine 1 Nx Web Companion 2025-04-11 N/A
nxapplet.jar in No Machine NX Web Companion 3.x and earlier does not properly verify the authenticity of updates, which allows user-assisted remote attackers to execute arbitrary code via a crafted (1) SiteUrl or (2) RedirectUrl parameter that points to a Trojan Horse client.zip update file.
CVE-2012-5004 1 Parallels 1 H-sphere 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Parallels H-Sphere 3.3 Patch 1 allow remote attackers to hijack the authentication of admins for requests that (1) add group plans via admin/group_plans.html or (2) add extra packages via admin/extra_packs/create_extra_pack.html.
CVE-2012-5005 1 Frankdeveloper 1 Vr Gpub 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in admin/admin_options.php in VR GPub 4.0 allows remote attackers to hijack the authentication of admins for requests that add admin accounts via an add action.
CVE-2012-5006 1 Caminova 1 Djvu Browser Plug-in 2025-04-11 N/A
Heap-based buffer overflow in npdjvu.dll in Caminova DjVu Browser Plug-in 6.1.4 Build 27351 and other versions before 6.1.4.27993 allows remote attackers to execute arbitrary code via a crafted Sjbz chunk in a djvu file.
CVE-2012-5007 2 Drupal, Wizonesolutions 2 Drupal, Fillpdf 2025-04-11 N/A
The Fill PDF module 7.x-1.x before 7.x-1.2 for Drupal allows remote attackers to write to arbitrary PDF files via unspecified vectors related to the fillpdf_merge_pdf function and incorrect arguments, a different vulnerability than CVE-2012-1625. NOTE: some of these details are obtained from third party information.
CVE-2012-5048 1 Optimalog 1 Optima Plc 2025-04-11 N/A
APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted packet.
CVE-2012-5049 1 Optimalog 1 Optima Plc 2025-04-11 N/A
APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
CVE-2012-5050 1 Vmware 1 Vcenter Operations 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the server in VMware vCenter Operations (aka vCOps) before 5.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-5051 1 Vmware 1 Capacityiq 2025-04-11 N/A
Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2012-5053 1 Trimble 7 Infrastructure Gnss Series Receiver Firmware, Infrastructure Gnss Series Receiver Netr3, Infrastructure Gnss Series Receiver Netr5 and 4 more 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Receiver Web User Interface on Trimble Infrastructure GNSS Series Receivers NetR3, NetR5, NetR8, and NetR9 before 4.70, and NetRS before 1.3-2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-5055 2 Redhat, Vmware 2 Fuse Esb Enterprise, Springsource Spring Security 2025-04-11 N/A
DaoAuthenticationProvider in VMware SpringSource Spring Security before 2.0.8, 3.0.x before 3.0.8, and 3.1.x before 3.1.3 does not check the password if the user is not found, which makes the response delay shorter and might allow remote attackers to enumerate valid usernames via a series of login requests.
CVE-2012-5102 1 Dariusz Handzlik 1 Vertrigoserv 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in inc/extensions.php in VertrigoServ 2.25 allows remote attackers to inject arbitrary web script or HTML via the ext parameter.
CVE-2012-5058 1 Oracle 1 E-business Suite 2025-04-11 N/A
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to the Web interface.
CVE-2012-5059 1 Oracle 1 Peoplesoft Products 2025-04-11 N/A
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51 and 8.52 allows remote attackers to affect integrity via unknown vectors related to Portal, a different vulnerability than CVE-2013-0392.
CVE-2012-5060 3 Canonical, Mariadb, Oracle 3 Ubuntu Linux, Mariadb, Mysql 2025-04-11 N/A
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
CVE-2012-5061 1 Oracle 1 Financial Services Software 2025-04-11 N/A
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, 11.0.0 through 11.4.0, and 12.0.0 allows remote authenticated users to affect confidentiality, related to BASE.