Search

Search Results (363139 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-3816 1 Winradius 1 Winradius 2025-04-11 N/A
WinRadius Server 2009 allows remote attackers to cause a denial of service (crash) via a long password in an Access-Request packet.
CVE-2012-3817 2 Isc, Redhat 2 Bind, Enterprise Linux 2025-04-11 N/A
ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries.
CVE-2012-3818 1 Mikel Olasagasti 1 Revelation 2025-04-11 N/A
The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information.
CVE-2012-3819 1 Dart 1 Powertcp Activex 2025-04-11 N/A
Stack consumption vulnerability in dartwebserver.dll 1.9 and earlier, as used in Dart PowerTCP WebServer for ActiveX and other products, allows remote attackers to cause a denial of service (daemon crash) via a long request.
CVE-2012-3825 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-11 N/A
Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392.
CVE-2012-3826 1 Wireshark 1 Wireshark 2025-04-11 N/A
Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392.
CVE-2012-3828 1 Joomla 1 Joomla\! 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the Host HTTP Header.
CVE-2012-3829 1 Joomla 1 Joomla\! 2025-04-11 N/A
Joomla! 2.5.3 allows remote attackers to obtain the installation path via the Host HTTP Header.
CVE-2012-3830 1 Milesj 1 Decoda 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in decoda/templates/video.php in Decoda before 3.3.3 allows remote attackers to inject arbitrary web script or HTML via the video directive.
CVE-2012-3831 1 Milesj 1 Decoda 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in decoda/templates/video.php in Decoda before 3.3.1 allows remote attackers to inject arbitrary web script or HTML via multiple URLs in an img tag.
CVE-2012-3832 1 Milesj 1 Decoda 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in decoda/Decoda.php in Decoda before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to (1) b or (2) div tags.
CVE-2012-3833 1 Opensolution 1 Quick.cms 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the default index page in admin/ in Quick.CMS 4.0 allows remote attackers to inject arbitrary web script or HTML via the p parameter.
CVE-2012-3834 1 Alienvault 1 Open Source Security Information Management 2025-04-11 N/A
SQL injection vulnerability in forensics/base_qry_main.php in AlienVault Open Source Security Information Management (OSSIM) 3.1 allows remote authenticated users to execute arbitrary SQL commands via the time[0][0] parameter.
CVE-2012-3835 1 Alienvault 1 Open Source Security Information Management 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to top.php or (2) time[0][0] parameter to forensics/base_qry_main.php, which is not properly handled in an error page.
CVE-2012-3836 1 Babygekko 1 Baby Gekko 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko before 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) groupname parameter in a savecategory in the users module; (2) virtual_filename, (3) branch, (4) contact_person, (5) street, (6) city, (7) province, (8) postal, (9) country, (10) tollfree, (11) phone, (12) fax, or (13) mobile parameter in a saveitem action in the contacts module; (14) title parameter in a savecategory action in the menus module; (15) firstname or (16) lastname in a saveitem action in the users module; (17) meta_key or (18) meta_description in a saveitem action in the blog module; or (19) the PATH_INFO to admin/index.php.
CVE-2012-3837 1 Babygekko 1 Baby Gekko 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in apps/users/registration.template.php in Baby Gekko 1.2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) email_address, (3) password, (4) password_verify, (5) firstname, (6) lastname, or (7) verification_code parameter to users/action/register. NOTE: some of these details are obtained from third party information.
CVE-2012-3838 1 Babygekko 1 Baby Gekko 2025-04-11 N/A
Gekko before 1.2.0 allows remote attackers to obtain the installation path via a direct request to (1) admin/templates/babygekko/index.php or (2) templates/html5demo/index.php.
CVE-2012-3839 1 Myclientbase 1 Myclientbase 2025-04-11 N/A
Multiple SQL injection vulnerabilities in application/core/MY_Model.php in MyClientBase 0.12 allow remote attackers to execute arbitrary SQL commands via the (1) invoice_number or (2) tags parameter to index.php/invoice_search.
CVE-2012-3840 1 Myclientbase 1 Myclientbase 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php/users/form/user_id in MyClientBase 0.12 allow remote attackers to inject arbitrary web script or HTML via the (1) first_name or (2) last_name parameters.
CVE-2012-3841 1 Kmplayer 1 Kmplayer 2025-04-11 N/A
Untrusted search path vulnerability in KMPlayer 3.2.0.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ehtrace.dll that is located in the current working directory.