Export limit exceeded: 363290 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363290 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363290 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-4000 1 Ckeditor 1 Fckeditor 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the print_textinputs_var function in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor 2.6.7 and earlier allows remote attackers to inject arbitrary web script or HTML via textinputs array parameters.
CVE-2012-4001 2 Apache, Google 2 Http Server, Mod Pagespeed 2025-04-11 N/A
The mod_pagespeed module before 0.10.22.6 for the Apache HTTP Server does not properly verify its host name, which allows remote attackers to trigger HTTP requests to arbitrary hosts via unspecified vectors, as demonstrated by requests to intranet servers.
CVE-2012-4002 1 Glpi-project 1 Glpi 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in GLPI-PROJECT GLPI before 0.83.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2012-4003 1 Glpi-project 1 Glpi 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in GLPI-PROJECT GLPI before 0.83.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2012-4004 1 Fenrir-inc 1 Sleipnir Mobile 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile Black Edition application 2.2.0 and earlier for Android allows remote attackers to inject arbitrary web script or HTML via a crafted application that interacts with an unspecified Sleipnir Mobile function.
CVE-2012-4005 1 Naver 1 Nhn Japan Naver Line 2025-04-11 N/A
The NHN Japan NAVER LINE application before 2.5.5 for Android does not properly handle implicit intents, which allows remote attackers to obtain sensitive message information via a crafted application.
CVE-2012-4006 3 Google, Gree, Kddi \& Gree 9 Android, Gree, Haconiwa and 6 more 2025-04-11 N/A
The GREE application before 1.4.0, GREE Tanken Dorirando application before 1.0.7, GREE Tsurisuta application before 1.5.0, GREE Monpura application before 1.1.1, GREE Kaizokuoukoku Columbus application before 1.3.5, GREE haconiwa application before 1.1.0, GREE Seisen Cerberus application before 1.1.0, and KDDI&GREE GREE Market application before 2.1.2 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application.
CVE-2012-4007 2 Google, Mixi 2 Android, Mixi 2025-04-11 N/A
The mixi application before 4.3.0 for Android allows remote attackers to read potentially sensitive information in friends' comments via a crafted application that leverages the storage of these comments on an SD card.
CVE-2012-4008 1 Cybozu 1 Cybozu Live 2025-04-11 N/A
The Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site.
CVE-2012-4009 1 Cybozu 1 Cybozu Live 2025-04-11 N/A
The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.
CVE-2012-4010 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 11.60 allows remote attackers to spoof the address bar via unspecified homograph characters, a different vulnerability than CVE-2010-2660.
CVE-2012-4011 1 Cybozu 1 Kunai 2025-04-11 N/A
The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site.
CVE-2012-4012 1 Cybozu 1 Kunai 2025-04-11 N/A
The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.
CVE-2012-4013 1 Cybozu 1 Kunai Browser For Remote Service 2025-04-11 N/A
The WebView class in the Cybozu KUNAI Browser for Remote Service application beta for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.
CVE-2012-4014 1 Mcafee 1 Email And Web Security 2025-04-11 N/A
Unspecified vulnerability in McAfee Email Anti-virus (formerly WebShield SMTP) allows remote attackers to cause a denial of service via unknown vectors.
CVE-2012-4015 2 Microsoft, Mylittletools 2 Sql Server, Mylittleadmin 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted database entry.
CVE-2012-4016 2 Google, Justsystems 2 Android, Atok 2025-04-11 N/A
The ATOK application before 1.0.4 for Android allows remote attackers to read the learning information file, and obtain sensitive input-string information, via a crafted application.
CVE-2012-4017 2 Google, Jb\+ 2 Android, Jigbrowser\+ 2025-04-11 N/A
The jigbrowser+ application before 1.5.0 for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application.
CVE-2012-4018 1 Finalbeta 1 Mywebsearch 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Final Beta Laboratory MyWebSearch before 1.23 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
CVE-2012-4019 1 C61 1 Tokyo Bbs 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in tokyo_bbs.cgi in Come on Girls Interface (CGI) Tokyo BBS allows remote attackers to inject arbitrary web script or HTML via vectors related to the error page.