# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
11151 |
CVE-2012-3406 |
264 |
|
DoS Exec Code Bypass |
2014-02-10 |
2019-04-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405. |
11152 |
CVE-2012-3403 |
119 |
|
DoS Exec Code Overflow |
2012-08-25 |
2013-12-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted KiSS palette file, which triggers an "invalid free." |
11153 |
CVE-2012-3402 |
119 |
|
DoS Exec Code Overflow |
2012-08-25 |
2013-05-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted channels header value in a PSD image file, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2009-3909. |
11154 |
CVE-2012-3401 |
119 |
|
DoS Exec Code Overflow |
2012-08-13 |
2017-08-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow. |
11155 |
CVE-2012-3395 |
89 |
|
Exec Code Sql |
2012-07-23 |
2017-11-30 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to execute arbitrary SQL commands via crafted form data. |
11156 |
CVE-2012-3384 |
352 |
|
CSRF |
2012-07-22 |
2012-08-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress before 3.4.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. |
11157 |
CVE-2012-3377 |
119 |
|
DoS Exec Code Overflow |
2012-07-12 |
2017-09-18 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file. |
11158 |
CVE-2012-3363 |
|
|
|
2013-02-13 |
2013-12-05 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Zend_XmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before 1.12.0 does not properly handle SimpleXMLElement classes, which allows remote attackers to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE element in an XML-RPC request, aka an XML external entity (XXE) injection attack. |
11159 |
CVE-2012-3362 |
352 |
|
CSRF |
2012-07-12 |
2012-07-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an adduser admin action. |
11160 |
CVE-2012-3350 |
89 |
1
|
Exec Code Sql |
2012-07-12 |
2018-05-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header. |
11161 |
CVE-2012-3347 |
264 |
|
Exec Code Bypass |
2012-06-13 |
2012-09-28 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
AutoFORM PDM Archive before 7.0 implements user accounts in a way that allows for JMX Console authentication, which allows remote authenticated users to bypass intended access restrictions via the /jmx-console URI, and then upload and execute arbitrary JSP code via a JBoss remote-deployment mechanism, a different vulnerability than CVE-2012-1828. |
11162 |
CVE-2012-3343 |
352 |
|
XSS CSRF |
2012-06-08 |
2012-06-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-site request forgery (CSRF) vulnerability in Microdasys before 3.5.1-B708, as used in Bloxx Web Filtering before 5.0.14 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that trigger error pages containing XSS sequences, a different vulnerability than CVE-2012-2564. |
11163 |
CVE-2012-3325 |
20 |
|
|
2012-08-30 |
2017-08-28 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.5, and 8.5.x Full Profile before 8.5.0.1, when the PM44303 fix is installed, does not properly validate credentials, which allows remote authenticated users to obtain administrative access via unspecified vectors. |
11164 |
CVE-2012-3323 |
264 |
|
+Priv |
2013-10-01 |
2017-08-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
IBM Maximo Asset Management 6.2 before 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.3 allows remote attackers to gain privileges via unspecified vectors. |
11165 |
CVE-2012-3321 |
264 |
|
Bypass |
2013-02-20 |
2017-08-28 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
IBM SmartCloud Control Desk 7.5 allows remote authenticated users to bypass intended access restrictions via vectors involving an expired password. |
11166 |
CVE-2012-3317 |
264 |
|
+Priv |
2012-12-05 |
2017-08-28 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before 7.0.0.5, and 8.0 before 8.0.0.2 has incorrect ownership of certain uninstaller Java Runtime Environment (JRE) files, which might allow local users to gain privileges by leveraging access to uid 501 or gid 300. |
11167 |
CVE-2012-3309 |
352 |
|
CSRF |
2012-08-29 |
2017-08-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-site request forgery (CSRF) vulnerability in the account-creation panel in IBM InfoSphere Guardium 8.2 and earlier, when the CSRF filtering (aka csrf_status) feature is disabled, allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts. |
11168 |
CVE-2012-3306 |
255 |
|
|
2012-09-25 |
2017-08-28 |
6.8 |
User |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1, when multi-domain support is configured, does not purge password data from the authentication cache, which has unspecified impact and remote attack vectors. |
11169 |
CVE-2012-3305 |
22 |
|
Dir. Trav. |
2012-09-25 |
2017-08-28 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
Directory traversal vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to overwrite arbitrary files via a crafted application file. |
11170 |
CVE-2012-3304 |
|
|
|
2012-09-25 |
2017-08-28 |
6.8 |
User |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hijack sessions via unspecified vectors. |
11171 |
CVE-2012-3294 |
352 |
1
|
CSRF |
2012-08-17 |
2017-08-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple cross-site request forgery (CSRF) vulnerabilities in the Web Gateway component in IBM WebSphere MQ File Transfer Edition 7.0.4 and earlier, and WebSphere MQ - Managed File Transfer 7.5, allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add user accounts via the /wmqfteconsole/Filespaces URI, (2) modify permissions via the /wmqfteconsole/FileSpacePermisssions URI, or (3) add MQ Message Descriptor (MQMD) user accounts via the /wmqfteconsole/UploadUsers URI. |
11172 |
CVE-2012-3286 |
|
|
DoS +Info |
2013-02-16 |
2019-10-09 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Unspecified vulnerability in HP ArcSight Connector Appliance 6.3 and earlier and ArcSight Logger 5.2 and earlier allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. |
11173 |
CVE-2012-3280 |
|
|
DoS +Info |
2013-02-13 |
2019-10-09 |
6.3 |
None |
Local Network |
Medium |
Single system |
Partial |
Partial |
Complete |
Multiple unspecified vulnerabilities on HP NonStop Servers H06.x and J06.x allow remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via an OSS Remote Operation over an Expand connection. |
11174 |
CVE-2012-3256 |
352 |
|
CSRF |
2012-09-08 |
2013-03-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-site request forgery (CSRF) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. |
11175 |
CVE-2012-3231 |
352 |
|
Exec Code CSRF |
2012-06-27 |
2012-06-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple cross-site request forgery (CSRF) vulnerabilities in [email protected] 2.0, as downloaded before May 30, 2012, allow remote attackers to hijack the authentication of administrators for requests that add, delete, or modify sensitive information, as demonstrated by adding a file to execute arbitrary code via a do_addfile action to inc/browser/action.php. |
11176 |
CVE-2012-3196 |
|
|
|
2012-10-16 |
2013-10-10 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and availability, related to PDF generation. |
11177 |
CVE-2012-3190 |
|
|
|
2013-01-16 |
2014-03-16 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity, related to UWQ Server Issues. |
11178 |
CVE-2012-3187 |
|
|
|
2012-10-16 |
2013-10-10 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel. |
11179 |
CVE-2012-3177 |
|
|
|
2012-10-16 |
2019-10-07 |
6.8 |
None |
Remote |
Low |
Single system |
None |
None |
Complete |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server. |
11180 |
CVE-2012-3153 |
|
1
|
Exec Code |
2012-10-16 |
2017-08-28 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Servlet. NOTE: the previous information is from the October 2012 CPU. Oracle has not commented on claims from the original researcher that the PARSEQUERY function allows remote attackers to obtain database credentials via reports/rwservlet/parsequery, and that this issue occurs in earlier versions. NOTE: this can be leveraged with CVE-2012-3152 to execute arbitrary code by uploading a .jsp file. |
11181 |
CVE-2012-3152 |
|
1
|
Exec Code |
2012-10-16 |
2017-08-28 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Report Server Component. NOTE: the previous information is from the October 2012 CPU. Oracle has not commented on claims from the original researcher that the URLPARAMETER functionality allows remote attackers to read and upload arbitrary files to reports/rwservlet, and that this issue occurs in earlier versions. NOTE: this can be leveraged with CVE-2012-3153 to execute arbitrary code by uploading a .jsp file. |
11182 |
CVE-2012-3147 |
|
|
|
2012-10-16 |
2017-08-28 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client. |
11183 |
CVE-2012-3137 |
287 |
1
|
+Info |
2012-09-21 |
2016-11-28 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force password guessing attacks, aka "stealth password cracking vulnerability." |
11184 |
CVE-2012-3133 |
119 |
|
Overflow |
2012-12-21 |
2013-01-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Buffer overflow in the DataDirect ODBC driver, as used in Oracle Hyperion Interactive Reporting 11.1.2.1 and 11.1.2.2, Essbase Server 11.1.2.1 and 11.1.2.2, Production Reporting Server 11.1.2.1 and 11.1.2.2, and Integration Services Server 11.1.2.1 and 11.1.2.2 has unknown impact and attack vectors. |
11185 |
CVE-2012-3132 |
89 |
|
Exec Code Sql |
2012-08-10 |
2013-10-10 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
SQL injection vulnerability in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to execute arbitrary SQL commands via vectors involving CREATE INDEX with a CTXSYS.CONTEXT INDEXTYPE and DBMS_STATS.GATHER_TABLE_STATS. |
11186 |
CVE-2012-3126 |
|
|
|
2012-07-17 |
2017-08-28 |
6.2 |
None |
Local |
High |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Products Suite 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Apache Tomcat Agent. |
11187 |
CVE-2012-3052 |
|
|
+Priv |
2012-09-16 |
2012-09-17 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Untrusted search path vulnerability in Cisco VPN Client 5.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka Bug ID CSCua28747. |
11188 |
CVE-2012-3051 |
|
|
DoS |
2012-09-16 |
2013-03-21 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
Cisco NX-OS 5.2 and 6.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (process crash or packet loss) via a large number of ARP packets, aka Bug ID CSCtr44822. |
11189 |
CVE-2012-3028 |
352 |
|
DoS CSRF |
2012-09-18 |
2012-09-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service. |
11190 |
CVE-2012-3015 |
|
|
+Priv |
2012-07-26 |
2012-07-30 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder. |
11191 |
CVE-2012-3005 |
|
|
+Priv |
2012-07-26 |
2012-07-30 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Untrusted search path vulnerability in Invensys Wonderware InTouch 2012 and earlier, as used in Wonderware Application Server, Wonderware Information Server, Foxboro Control Software, InFusion CE/FE/SCADA, InBatch, and Wonderware Historian, allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. |
11192 |
CVE-2012-3004 |
|
|
+Priv |
2012-09-08 |
2012-09-10 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Multiple untrusted search path vulnerabilities in RealFlex RealWin before 2.1.13, FlexView before 3.1.86, and RealWinDemo before 2.1.13 allow local users to gain privileges via a Trojan horse (1) realwin.dll or (2) keyhook.dll file in the current working directory. |
11193 |
CVE-2012-2999 |
352 |
|
CSRF |
2012-10-04 |
2013-02-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in Cerberus FTP Server before 5.0.5.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user account or (2) reconfigure the state of the FTP service, as demonstrated by a request to usermanager/users/modify. |
11194 |
CVE-2012-2996 |
352 |
|
CSRF |
2012-09-17 |
2013-04-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-site request forgery (CSRF) vulnerability in saveAccountSubTab.imss in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allows remote attackers to hijack the authentication of administrators for requests that create admin accounts via a saveAuth action. |
11195 |
CVE-2012-2982 |
|
|
Exec Code |
2012-09-11 |
2013-05-29 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character. |
11196 |
CVE-2012-2981 |
20 |
|
Exec Code |
2012-09-11 |
2013-05-29 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary Perl code via a crafted file associated with the type (aka monitor type name) parameter. |
11197 |
CVE-2012-2969 |
264 |
|
Bypass |
2012-08-12 |
2012-09-04 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request. |
11198 |
CVE-2012-2962 |
89 |
1
|
Exec Code Sql |
2012-07-30 |
2018-03-12 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q parameter. |
11199 |
CVE-2012-2956 |
89 |
1
|
Exec Code Sql XSS |
2014-09-17 |
2017-08-28 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
SQL injection vulnerability in SpiceWorks 5.3.75941 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to api_v2.json. NOTE: this entry was SPLIT per ADT2 due to different vulnerability types. CVE-2012-6658 is for the XSS. |
11200 |
CVE-2012-2939 |
|
1
|
Exec Code |
2012-05-27 |
2017-08-28 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Multiple unrestricted file upload vulnerabilities in Travelon Express 6.2.2 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension using (1) airline-edit.php, (2) hotel-image-add.php, or (3) hotel-add.php. |