Export limit exceeded: 363262 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363262 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-4670 | 1 Tigase | 1 Tigase Xmpp Server | 2025-04-11 | N/A |
| Tigase XMPP Server before 5.1.0 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response. | ||||
| CVE-2012-4671 | 1 Psyced | 1 Psyced | 2025-04-11 | N/A |
| psyced before 20120821 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted. | ||||
| CVE-2012-4672 | 1 Apple | 1 Ichat Server | 2025-04-11 | N/A |
| Apple iChat Server does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted. | ||||
| CVE-2012-4673 | 1 Thomas Hunter | 1 Neoinvoice | 2025-04-11 | N/A |
| SQL injection vulnerability in application/controllers/invoice.php in NeoInvoice might allow remote attackers to execute arbitrary SQL commands via vectors involving the sort_col variable in the list_items function, a different vulnerability than CVE-2012-3477. | ||||
| CVE-2012-4674 | 1 Pluxml | 1 Pluxml | 2025-04-11 | N/A |
| PluXml before 5.1.6 allows remote attackers to obtain the installation path via the PHPSESSID. | ||||
| CVE-2012-4675 | 1 Pluxml | 1 Pluxml | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in PluXml 5.1.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to file update. | ||||
| CVE-2012-4676 | 1 Google | 1 Tunnelblick | 2025-04-11 | N/A |
| The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability than CVE-2012-3485. | ||||
| CVE-2012-4677 | 1 Google | 1 Tunnelblick | 2025-04-11 | N/A |
| Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by using a crafted Info.plist file to control the gOkIfNotSecure value. | ||||
| CVE-2012-4678 | 1 Munin-monitoring | 1 Munin | 2025-04-11 | N/A |
| munin-cgi-graph for Munin 2.0 rc4 does not delete temporary files, which allows remote attackers to cause a denial of service (disk consumption) via many requests to an image with unique parameters. | ||||
| CVE-2012-4680 | 1 Ioserver | 1 Ioserver | 2025-04-11 | N/A |
| Directory traversal vulnerability in the XML Server in IOServer before 1.0.19.0, when the Root Directory pathname lacks a trailing \ (backslash) character, allows remote attackers to read arbitrary files or list arbitrary directories via a .. (dot dot) in a URI. | ||||
| CVE-2012-4682 | 1 Bitcoin | 1 Bitcoin Core | 2025-04-11 | N/A |
| Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4683. | ||||
| CVE-2012-4683 | 1 Bitcoin | 1 Bitcoin Core | 2025-04-11 | N/A |
| Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4682. | ||||
| CVE-2012-4684 | 1 Bitcoin | 4 Bitcoin-qt, Bitcoin Core, Bitcoind and 1 more | 2025-04-11 | N/A |
| The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 supports different character representations of the same signature data, but relies on a hash of this signature, which allows remote attackers to cause a denial of service (resource consumption) via a valid modified signature for a circulating alert. | ||||
| CVE-2012-4685 | 1 Arbornetworks | 1 Peakflow Sp | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Arbor Networks Peakflow SP 5.1.1 before patch 6, 5.5 before patch 4, and 5.6.0 before patch 1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index. | ||||
| CVE-2012-4686 | 1 Vbulletin | 1 Vbulletin | 2025-04-11 | N/A |
| SQL injection vulnerability in announcement.php in vBulletin 4.1.10 allows remote attackers to execute arbitrary SQL commands via the announcementid parameter. | ||||
| CVE-2012-4689 | 1 Ge | 3 Intelligent Platforms Proficy Hmi\/scada Cimplicity, Intelligent Platforms Proficy Process Systems, Intelligent Platforms Proficy Process Systems With Cimplicity | 2025-04-11 | N/A |
| Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to cause a denial of service (daemon crash) via a malformed HTTP request. | ||||
| CVE-2012-4690 | 1 Rockwellautomation | 3 Ab Micrologix Controller, Plc-5 Controller, Slc 500 Controller | 2025-04-11 | N/A |
| Rockwell Automation Allen-Bradley MicroLogix controller 1100, 1200, 1400, and 1500; SLC 500 controller platform; and PLC-5 controller platform, when Static status is not enabled, allow remote attackers to cause a denial of service via messages that trigger modification of status bits. | ||||
| CVE-2012-4693 | 2 Invensys, Siemens | 2 Wonderware Intouch, Processsuite | 2025-04-11 | N/A |
| Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by reading this file. | ||||
| CVE-2012-4694 | 1 Moxa | 2 Edr-g903, Edr G903 Firmware | 2025-04-11 | N/A |
| Moxa EDR-G903 series routers with firmware before 2.11 do not use a sufficient source of entropy for (1) SSH and (2) SSL keys, which makes it easier for man-in-the-middle attackers to spoof a device or modify a client-server data stream by leveraging knowledge of a key from a product installation elsewhere. | ||||
| CVE-2012-4695 | 1 Rockwellautomation | 1 Rslinx Enterprise | 2025-04-11 | N/A |
| LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage) via a zero-byte UDP packet that is not properly handled by Logger.dll. | ||||