Search

Search Results (363139 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-3885 1 Airdroid 1 Airdroid 2025-04-11 N/A
The default configuration of AirDroid 1.0.4 beta uses a four-character alphanumeric password, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVE-2012-3886 1 Airdroid 1 Airdroid 2025-04-11 N/A
AirDroid 1.0.4 beta uses the MD5 algorithm for values in the checklogin key parameter and 7bb cookie, which makes it easier for remote attackers to obtain cleartext data by sniffing the local wireless network and then conducting a (1) brute-force attack or (2) rainbow-table attack.
CVE-2012-3887 1 Airdroid 1 Airdroid 2025-04-11 N/A
AirDroid before 1.0.7 beta uses a cleartext base64 format for data transfer that is documented as an "Encrypted Transmission" feature, which allows remote attackers to obtain sensitive information by sniffing the local wireless network, as demonstrated by the SMS message content sent to the sdctl/sms/send/single/ URI.
CVE-2012-3888 1 Airdroid 1 Airdroid 2025-04-11 N/A
The login implementation in AirDroid 1.0.4 beta allows remote attackers to bypass a multiple-login protection mechanism by modifying a pass value within JSON data.
CVE-2012-3889 1 Nullsoft 1 Winamp 2025-04-11 N/A
The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a .IT file.
CVE-2012-3890 1 Nullsoft 1 Winamp 2025-04-11 N/A
The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file.
CVE-2012-3893 1 Cisco 1 Ios 2025-04-11 N/A
The FlexVPN implementation in Cisco IOS 15.2 and 15.3 allows remote authenticated users to cause a denial of service (spoke crash) via spoke-to-spoke traffic, aka Bug ID CSCtz02622.
CVE-2012-3895 1 Cisco 1 Ios 2025-04-11 N/A
Cisco IOS 15.0 through 15.3 allows remote authenticated users to cause a denial of service (device crash) via an MVPNv6 update, aka Bug ID CSCty89224.
CVE-2012-3899 1 Cisco 6 Intrusion Prevention System, Ips 4240, Ips 4250 Sx and 3 more 2025-04-11 N/A
sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and process crash, and traffic-inspection outage) via network traffic, aka Bug ID CSCtn23051.
CVE-2012-3901 1 Cisco 6 Intrusion Prevention System, Ips 4240, Ips 4250 Sx and 3 more 2025-04-11 N/A
The updateTime function in sensorApp on Cisco IPS 4200 series sensors 7.0 and 7.1 allows remote attackers to cause a denial of service (process crash and traffic-inspection outage) via network traffic, aka Bug ID CSCta96144.
CVE-2012-3908 1 Cisco 2 Identity Services Engine, Identity Services Engine Software 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (aka the Apache Tomcat interface) on Cisco Identity Services Engine (ISE) 3300 series appliances before 1.1.0.665 Cumulative Patch 1 allow remote attackers to hijack the authentication of administrators, aka Bug ID CSCty46684.
CVE-2012-3913 1 Cisco 2 Vc240 Network Bullet Camera, Video Surveillance Vc220 Network Dome Camera 2025-04-11 N/A
The Cisco VC220 and VC240 cameras allow remote attackers to cause a denial of service (WebUI outage) via crafted packets, aka Bug IDs CSCtf73188, CSCtf88059, CSCtf87951, CSCtf87908, and CSCtf88019.
CVE-2012-3915 1 Cisco 1 Ios 2025-04-11 N/A
The DMVPN tunnel implementation in Cisco IOS 15.2 allows remote attackers to cause a denial of service (persistent IKE state) via a large volume of hub-to-spoke traffic, aka Bug ID CSCtq39602.
CVE-2012-3919 1 Cisco 1 Application Control Engine Module 2025-04-11 N/A
The Cisco Application Control Engine (ACE) module 3.0 for Cisco Catalyst switches and Cisco routers does not properly monitor Load Balancer (LB) queues, which allows remote attackers to cause a denial of service (incorrect memory access and module reboot) via application traffic, aka Bug ID CSCtw70879.
CVE-2012-3923 1 Cisco 1 Ios 2025-04-11 N/A
The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCte41827.
CVE-2012-3924 1 Cisco 1 Ios 2025-04-11 N/A
The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCty97961.
CVE-2012-3935 1 Cisco 2 Jabber Extensible Communications Platform, Unified Presence 2025-04-11 N/A
Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832.
CVE-2012-3936 1 Cisco 1 Webex Recording Format Player 2025-04-11 N/A
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCua40962.
CVE-2012-3937 1 Cisco 1 Webex Recording Format Player 2025-04-11 N/A
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72967.
CVE-2012-3938 1 Cisco 1 Webex Recording Format Player 2025-04-11 N/A
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz73583.