Search

Search Results (363286 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-4004 1 Fenrir-inc 1 Sleipnir Mobile 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile Black Edition application 2.2.0 and earlier for Android allows remote attackers to inject arbitrary web script or HTML via a crafted application that interacts with an unspecified Sleipnir Mobile function.
CVE-2012-4005 1 Naver 1 Nhn Japan Naver Line 2025-04-11 N/A
The NHN Japan NAVER LINE application before 2.5.5 for Android does not properly handle implicit intents, which allows remote attackers to obtain sensitive message information via a crafted application.
CVE-2012-4006 3 Google, Gree, Kddi \& Gree 9 Android, Gree, Haconiwa and 6 more 2025-04-11 N/A
The GREE application before 1.4.0, GREE Tanken Dorirando application before 1.0.7, GREE Tsurisuta application before 1.5.0, GREE Monpura application before 1.1.1, GREE Kaizokuoukoku Columbus application before 1.3.5, GREE haconiwa application before 1.1.0, GREE Seisen Cerberus application before 1.1.0, and KDDI&GREE GREE Market application before 2.1.2 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application.
CVE-2012-4007 2 Google, Mixi 2 Android, Mixi 2025-04-11 N/A
The mixi application before 4.3.0 for Android allows remote attackers to read potentially sensitive information in friends' comments via a crafted application that leverages the storage of these comments on an SD card.
CVE-2012-4008 1 Cybozu 1 Cybozu Live 2025-04-11 N/A
The Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site.
CVE-2012-4009 1 Cybozu 1 Cybozu Live 2025-04-11 N/A
The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.
CVE-2012-4010 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.60 allows remote attackers to spoof the address bar via unspecified homograph characters, a different vulnerability than CVE-2010-2660.
CVE-2012-4011 1 Cybozu 1 Kunai 2025-04-11 N/A
The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site.
CVE-2012-4012 1 Cybozu 1 Kunai 2025-04-11 N/A
The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.
CVE-2012-4013 1 Cybozu 1 Kunai Browser For Remote Service 2025-04-11 N/A
The WebView class in the Cybozu KUNAI Browser for Remote Service application beta for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.
CVE-2012-4014 1 Mcafee 1 Email And Web Security 2025-04-11 N/A
Unspecified vulnerability in McAfee Email Anti-virus (formerly WebShield SMTP) allows remote attackers to cause a denial of service via unknown vectors.
CVE-2012-4015 2 Microsoft, Mylittletools 2 Sql Server, Mylittleadmin 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted database entry.
CVE-2012-4016 2 Google, Justsystems 2 Android, Atok 2025-04-11 N/A
The ATOK application before 1.0.4 for Android allows remote attackers to read the learning information file, and obtain sensitive input-string information, via a crafted application.
CVE-2012-4017 2 Google, Jb\+ 2 Android, Jigbrowser\+ 2025-04-11 N/A
The jigbrowser+ application before 1.5.0 for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application.
CVE-2012-4018 1 Finalbeta 1 Mywebsearch 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Final Beta Laboratory MyWebSearch before 1.23 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
CVE-2012-4019 1 C61 1 Tokyo Bbs 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in tokyo_bbs.cgi in Come on Girls Interface (CGI) Tokyo BBS allows remote attackers to inject arbitrary web script or HTML via vectors related to the error page.
CVE-2012-4020 1 Mosp 1 Kintai Kanri 2025-04-11 N/A
MosP kintai kanri before 4.1.0 does not enforce privilege requirements, which allows remote authenticated users to read other users' information via unspecified vectors.
CVE-2012-4021 1 Mosp 1 Kintai Kanri 2025-04-11 N/A
MosP kintai kanri before 4.1.0 does not properly perform authentication, which allows remote authenticated users to impersonate arbitrary user accounts, and consequently obtain sensitive information or modify settings, via unspecified vectors.
CVE-2012-4022 1 Simon Brown 1 Pebble 2025-04-11 N/A
Pebble before 2.6.4 allows remote attackers to trigger loss of blog-entry viewability via a crafted comment.
CVE-2012-4023 1 Simon Brown 1 Pebble 2025-04-11 N/A
CRLF injection vulnerability in Pebble before 2.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.