Search
Search Results (332973 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-2078 | 1 Drupal | 1 Activity | 2024-11-21 | 4.8 Medium |
| Cross-site scripting (XSS) vulnerability in the Activity module 6.x-1.x for Drupal. | ||||
| CVE-2012-20001 | 1 Prestashop | 1 Prestashop | 2024-11-21 | 6.1 Medium |
| PrestaShop before 1.5.2 allows XSS via the "<object data='data:text/html" substring in the message field. | ||||
| CVE-2012-1994 | 1 Hp | 1 Systems Insight Manager | 2024-11-21 | 5.7 Medium |
| HP Systems Insight Manager before 7.0 allows a remote user on adjacent network to access information | ||||
| CVE-2012-1932 | 1 Wolfcms | 1 Wolf Cms | 2024-11-21 | 4.8 Medium |
| A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to inject arbitrary web script or HTML via the setting[admin_email] parameter to admin/setting. | ||||
| CVE-2012-1915 | 1 Codeigniter | 1 Codeigniter | 2024-11-21 | 6.1 Medium |
| EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks. | ||||
| CVE-2012-1903 | 1 Telligent | 1 Community | 2024-11-21 | 5.4 Medium |
| XSS in Telligent Community 5.6.583.20496 via a flash file and related to the allowScriptAccess parameter. | ||||
| CVE-2012-1637 | 1 Drupal | 1 Quick Tabs | 2024-11-21 | 4.8 Medium |
| Cross-site scripting vulnerability (XSS) in the Quick Tabs module 6.x-2.x before 6.x-2.1, 6.x-3.x before 6.x-3.1, and 7.x-3.x before 7.x-3.3 for Drupal. | ||||
| CVE-2012-1615 | 1 Fedoraproject | 2 Fedora, Sectool | 2024-11-21 | 7.8 High |
| A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file. | ||||
| CVE-2012-1592 | 1 Apache | 1 Struts | 2024-11-21 | 8.8 High |
| A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files. | ||||
| CVE-2012-1577 | 3 Debian, Dietlibc Project, Openbsd | 3 Debian Linux, Dietlibc, Openbsd | 2024-11-21 | 9.8 Critical |
| lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0. | ||||
| CVE-2012-1572 | 2 Debian, Openstack | 2 Debian Linux, Keystone | 2024-11-21 | 7.5 High |
| OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space | ||||
| CVE-2012-1567 | 1 Linuxmint | 1 Linuxmint | 2024-11-21 | 7.5 High |
| LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintUpdate. | ||||
| CVE-2012-1566 | 1 Linuxmint | 1 Linuxmint | 2024-11-21 | 7.5 High |
| LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintNanny. | ||||
| CVE-2012-1563 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 7.5 High |
| Joomla! before 2.5.3 allows Admin Account Creation. | ||||
| CVE-2012-1562 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 7.5 High |
| Joomla! core before 2.5.3 allows unauthorized password change. | ||||
| CVE-2012-1500 | 1 Atlassian | 2 Greenhopper, Jira | 2024-11-21 | 5.4 Medium |
| Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows an attacker to inject arbitrary script code. | ||||
| CVE-2012-1496 | 1 Webcalendar Project | 1 Webcalendar | 2024-11-21 | 8.8 High |
| Local file inclusion in WebCalendar before 1.2.5. | ||||
| CVE-2012-1495 | 1 Webcalendar Project | 1 Webcalendar | 2024-11-21 | 9.8 Critical |
| install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter. | ||||
| CVE-2012-1326 | 1 Cisco | 1 Ironport Web Security Appliance | 2024-11-21 | 7.4 High |
| Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks | ||||
| CVE-2012-1316 | 1 Cisco | 1 Ironport Web Security Appliance | 2024-11-21 | 5.9 Medium |
| Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks | ||||