Search

Search Results (363331 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-3558 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during unusually timed changes to this field, which makes it easier for user-assisted remote attackers to conduct spoofing attacks via vectors involving navigation, reloads, and redirects.
CVE-2012-3560 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during blocked navigation, which makes it easier for remote attackers to conduct spoofing attacks by detecting and preventing attempts to load a different web page.
CVE-2012-3561 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string.
CVE-2012-3562 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page that is not properly handled during a reload, as demonstrated by a "multiple origin camera test" page.
CVE-2012-3563 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via a web page that contains invalid character encodings.
CVE-2012-3564 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application hang) via an absolutely positioned wrap=off TEXTAREA element located next to an "overflow: auto" block element.
CVE-2012-3565 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted characters in domain names, as demonstrated by "IDNA2008 tests."
CVE-2012-3566 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (application hang) via JavaScript code that changes a form before submission.
CVE-2012-3567 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 12.00 Beta allows remote attackers to cause a denial of service (memory consumption or application hang) via an IFRAME element that uses the src="#" syntax to embed a parent document.
CVE-2012-3568 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted WebGL content, as demonstrated by a codeflow.org WebGL demo.
CVE-2012-3569 2 Microsoft, Vmware 4 Windows, Ovf Tool, Player and 1 more 2025-04-11 N/A
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file.
CVE-2012-3570 1 Isc 1 Dhcp 2025-04-11 N/A
Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter.
CVE-2012-3571 4 Canonical, Debian, Isc and 1 more 4 Ubuntu Linux, Debian Linux, Dhcp and 1 more 2025-04-11 N/A
ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.
CVE-2012-3572 2 Nurul Hidayah Hamazulan, Oscc 2 Mymesyuarat, Mymeeting 2025-04-11 N/A
Open Source Competency Center (OSCC) MyMeeting 3.0.1 and earlier, and MyMesyuarat 09b-1, does not properly verify uploaded documents, which allows remote authenticated users to execute arbitrary PHP code via a crafted document.
CVE-2012-3574 2 Tbelmans, Wordpress 2 Mm Forms Community, Wordpress 2025-04-11 N/A
Unrestricted file upload vulnerability in includes/doajaxfileupload.php in the MM Forms Community plugin 2.2.5 and 2.2.6 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/temp.
CVE-2012-3575 2 Rbx Gallery, Wordpress 2 Rbx Gallery, Wordpress 2025-04-11 N/A
Unrestricted file upload vulnerability in uploader.php in the RBX Gallery plugin 2.1 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/rbxslider.
CVE-2012-3576 2 Jquindlen, Wordpress 2 Wpstorecart, Wordpress 2025-04-11 N/A
Unrestricted file upload vulnerability in php/upload.php in the wpStoreCart plugin before 2.5.30 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/wpstorecart.
CVE-2012-3577 2 Nmedia, Wordpress 2 Member Conversation, Wordpress 2025-04-11 N/A
Unrestricted file upload vulnerability in doupload.php in the Nmedia Member Conversation plugin before 1.4 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/uploads/user_uploads.
CVE-2012-3578 1 Wordpress 2 Fcchat Widget, Wordpress 2025-04-11 N/A
Unrestricted file upload vulnerability in html/Upload.php in the FCChat Widget plugin 2.2.13.1 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in html/images.
CVE-2012-3579 1 Symantec 1 Messaging Gateway 2025-04-11 N/A
Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session.