Export limit exceeded: 364935 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364935 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-1467 | 1 Pkp | 1 Open Journal Systems | 2025-04-11 | N/A |
| Multiple directory traversal vulnerabilities in the iBrowser plugin library, as used in Open Journal Systems before 2.3.7, allow remote authenticated users to (1) delete or (2) rename arbitrary files via a .. (dot dot) in the param parameter to lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/scripts/rfiles.php. | ||||
| CVE-2012-1469 | 1 Pkp | 1 Open Journal Systems | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Open Journal Systems before 2.3.7 allow remote attackers and remote authenticated users to inject arbitrary web script or HTML via the (1) editor or (2) callback parameters to lib/pkp/lib/tinymce/jscripts/tiny_mce/plugins/ibrowser/ibrowser.php in the iBrowser plugin, (3) authors[][url] parameter to index.php, or (4) Bio Statement or (5) Abstract of Submission fields to the stripUnsafeHtml function in lib/pkp/classes/core/String.inc.php. | ||||
| CVE-2012-1470 | 1 Ocportal | 1 Ocportal | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in code_editor.php in ocPortal before 7.1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) path or (2) line parameters. | ||||
| CVE-2012-1471 | 1 Ocportal | 1 Ocportal | 2025-04-11 | N/A |
| Directory traversal vulnerability in catalogue_file.php in ocPortal before 7.1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2012-1472 | 1 Vmware | 1 Vcenter Chargeback Manager | 2025-04-11 | N/A |
| VMware vCenter Chargeback Manager (aka CBM) before 2.0.1 does not properly handle XML API requests, which allows remote attackers to read arbitrary files or cause a denial of service via unspecified vectors. | ||||
| CVE-2012-1474 | 2 Google, Sdo | 2 Android, Youni Sms | 2025-04-11 | N/A |
| Unspecified vulnerability in the Youni SMS (com.snda.youni) application 2.1.0c and 2.1.0d for Android has unknown impact and attack vectors. | ||||
| CVE-2012-1475 | 2 Google, Qualcomm | 2 Android, Yagattatalk Messenger | 2025-04-11 | N/A |
| Unspecified vulnerability in the YagattaTalk Messenger (com.iskoot.yagatta.yagattatalk) application 1.00.01.08 for Android has unknown impact and attack vectors. | ||||
| CVE-2012-1476 | 2 Google, Kktalk | 2 Android, Kktalk | 2025-04-11 | N/A |
| Unspecified vulnerability in the KKtalk (com.kkliaotian.android) application 4.0.0 and 4.1.5 for Android has unknown impact and attack vectors. | ||||
| CVE-2012-1477 | 2 Cnectd, Google | 2 Cnectd, Android | 2025-04-11 | N/A |
| Unspecified vulnerability in the Cnectd (mci.cnectd) application 3.1.0 for Android has unknown impact and attack vectors. | ||||
| CVE-2012-1478 | 2 Google, Ucweb | 2 Android, Ucmobile Blovestorm | 2025-04-11 | N/A |
| Unspecified vulnerability in the UCMobile BloveStorm (com.blovestorm) application 2.2.0 and 3.2.1 for Android has unknown impact and attack vectors. | ||||
| CVE-2012-1480 | 2 Google, Pansi | 2 Android, Pansi Sms | 2025-04-11 | N/A |
| Unspecified vulnerability in the Pansi SMS (com.pansi.msg) application 1.97, 2.01, and 2.07 for Android has unknown impact and attack vectors. | ||||
| CVE-2012-1481 | 2 Google, Kashif Masud | 2 Android, Textdroid | 2025-04-11 | N/A |
| Unspecified vulnerability in the Textdroid (com.app.android.textdroid) application 2.5.2 for Android has unknown impact and attack vectors. | ||||
| CVE-2012-1482 | 2 Google, Touchpal | 2 Android, Touchpal Contacts | 2025-04-11 | N/A |
| Unspecified vulnerability in the TouchPal Contacts (com.cootek.smartdialer) application 3.3.1 and 4.0.1 for Android has unknown impact and attack vectors. | ||||
| CVE-2012-1483 | 2 Google, Zhou Bo | 2 Android, Message Forwarder | 2025-04-11 | N/A |
| Unspecified vulnerability in the Message Forwarder (com.gmail.zbnetium) application 1.12.20110409.1 for Android has unknown impact and attack vectors. | ||||
| CVE-2012-1484 | 2 Google, Wali | 2 Android, Walisms Cn | 2025-04-11 | N/A |
| Unspecified vulnerability in the WaliSMS CN (cn.com.wali.walisms) application 2.9.2 and 3.7.0 for Android has unknown impact and attack vectors. | ||||
| CVE-2012-1485 | 2 Google, Netfrontlife | 2 Android, Netfront Life Browser | 2025-04-11 | N/A |
| Unspecified vulnerability in the NetFront Life Browser (com.access_company.android.nflifebrowser.lite) application 2.2.0 and 2.3.0 for Android has unknown impact and attack vectors. | ||||
| CVE-2012-1493 | 1 F5 | 25 Big-ip 1000, Big-ip 11000, Big-ip 11050 and 22 more | 2025-04-11 | N/A |
| F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option. | ||||
| CVE-2012-1498 | 1 Nikola Posa | 13 Webfoliocms1.0.2, Webfoliocms1.0.3, Webfoliocms1.0.4 and 10 more | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Webfolio CMS 1.1.4 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an administrator via an add action to admin/users/add or (2) modify a web page via a save action to admin/pages/edit/web_page_name. | ||||
| CVE-2012-1499 | 1 Uclouvain | 1 Openjpeg | 2025-04-11 | N/A |
| The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write." | ||||
| CVE-2012-1502 | 1 Pypam | 1 Pypam | 2025-04-11 | N/A |
| Double free vulnerability in the PyPAM_conv in PAMmodule.c in PyPam 0.5.0 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a NULL byte in a password string. | ||||