| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2012-6431 |
264 |
|
Bypass |
2012-12-27 |
2013-01-07 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly encoded string. |
|
2 |
CVE-2012-6299 |
|
|
Bypass |
2012-12-26 |
2018-08-13 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to bypass intended access restrictions via unknown vectors. |
|
3 |
CVE-2012-6067 |
287 |
|
Bypass |
2012-12-04 |
2012-12-05 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to bypass authentication via a crafted SFTP session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c. |
|
4 |
CVE-2012-6066 |
287 |
|
Bypass |
2012-12-04 |
2012-12-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c. |
|
5 |
CVE-2012-5975 |
287 |
1
|
Bypass |
2012-12-04 |
2012-12-05 |
9.3 |
Admin |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6.2.5, and 6.3.0 through 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session involving entry of blank passwords, as demonstrated by a root login session from a modified OpenSSH client with an added input_userauth_passwd_changereq call in sshconnect2.c. |
|
6 |
CVE-2012-5966 |
264 |
|
Bypass |
2012-12-13 |
2012-12-13 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
The restricted telnet shell on the D-Link DSL2730U router allows remote authenticated users to bypass intended command restrictions via shell metacharacters that follow a whitelisted command. |
|
7 |
CVE-2012-5887 |
287 |
|
Bypass |
2012-11-17 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests. |
|
8 |
CVE-2012-5886 |
287 |
|
Bypass |
2012-11-17 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID. |
|
9 |
CVE-2012-5885 |
264 |
|
Bypass |
2012-11-17 |
2017-09-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184. |
|
10 |
CVE-2012-5851 |
79 |
|
XSS Bypass |
2012-11-15 |
2017-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a crafted string, aka rdar problem 12019108. |
|
11 |
CVE-2012-5786 |
20 |
|
Bypass |
2012-11-04 |
2019-06-11 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
** DISPUTED ** The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF before 2.7.0 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. NOTE: The vendor states that the sample had specifically used a flag to bypass the DN check. |
|
12 |
CVE-2012-5759 |
264 |
|
Bypass |
2012-11-23 |
2017-08-28 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
|
The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2 allows remote authenticated users to bypass intended administrative-role requirements and perform arbitrary JMX operations via unspecified vectors. |
|
13 |
CVE-2012-5675 |
264 |
|
Bypass |
2012-12-12 |
2012-12-12 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Adobe ColdFusion 9.0 through 9.0.2, and 10, allows local users to bypass intended shared-hosting sandbox permissions via unspecified vectors. |
|
14 |
CVE-2012-5638 |
264 |
|
Bypass |
2012-12-20 |
2013-04-10 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
The setup_logging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restrictions via standard filesystem write operations. |
|
15 |
CVE-2012-5571 |
255 |
|
Bypass |
2012-12-17 |
2017-08-28 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properly handle EC2 tokens when the user role has been removed from a tenant, which allows remote authenticated users to bypass intended authorization restrictions by leveraging a token for the removed user role. |
|
16 |
CVE-2012-5563 |
255 |
|
Bypass |
2012-12-17 |
2017-08-28 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating new tokens through token chaining. NOTE: this issue exists because of a CVE-2012-3426 regression. |
|
17 |
CVE-2012-5522 |
264 |
|
Bypass |
2012-11-15 |
2013-08-22 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
|
MantisBT before 1.2.12 does not use an expected default value during decisions about whether a user may modify the status of a bug, which allows remote authenticated users to bypass intended access restrictions and make status changes by leveraging a blank value for a per-status setting. |
|
18 |
CVE-2012-5481 |
264 |
|
Bypass |
2012-11-21 |
2013-06-20 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Moodle 2.3.x before 2.3.3 allows remote authenticated users to bypass the moodle/role:manage capability requirement and read all capability data by visiting the Check Permissions page. |
|
19 |
CVE-2012-5480 |
264 |
|
Bypass |
2012-11-21 |
2013-06-20 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote attackers to bypass intended restrictions on reading other participants' entries via an advanced search. |
|
20 |
CVE-2012-5472 |
264 |
|
Bypass |
2012-11-21 |
2013-06-20 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
lib/formslib.php in Moodle 2.2.x before 2.2.6 and 2.3.x before 2.3.3 allows remote authenticated users to bypass intended access restrictions via a modified value of a frozen form field. |
|
21 |
CVE-2012-5469 |
264 |
|
Bypass |
2012-12-20 |
2012-12-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod. |
|
22 |
CVE-2012-5424 |
20 |
|
Bypass |
2012-11-07 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and 5.3 before 5.3 Patch 7, when a certain configuration involving TACACS+ and LDAP is used, does not properly validate passwords, which allows remote attackers to bypass authentication by sending a valid username and a crafted password string, aka Bug ID CSCuc65634. |
|
23 |
CVE-2012-5376 |
269 |
|
Bypass |
2012-10-11 |
2019-09-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process, a different vulnerability than CVE-2012-5112. |
|
24 |
CVE-2012-5353 |
287 |
|
Bypass |
2012-10-09 |
2014-04-22 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Eduserv OpenAthens SP 2.0 for Java allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack." |
|
25 |
CVE-2012-5352 |
287 |
|
Bypass |
2012-10-09 |
2017-08-28 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Java Open Single Sign-On Project Home (JOSSO) allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack." |
|
26 |
CVE-2012-5351 |
287 |
|
Bypass |
2012-10-09 |
2017-08-28 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability than CVE-2012-4418. |
|
27 |
CVE-2012-5278 |
264 |
|
Exec Code Bypass |
2012-11-07 |
2018-12-04 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. |
|
28 |
CVE-2012-4934 |
264 |
|
Bypass |
2012-10-31 |
2017-08-28 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
TomatoCart 1.1.7, when the PayPal Express Checkout module is enabled in sandbox mode, allows remote authenticated users to bypass intended payment requirements by modifying a certain redirection URL. |
|
29 |
CVE-2012-4908 |
264 |
|
Bypass |
2012-09-13 |
2012-09-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink. |
|
30 |
CVE-2012-4845 |
264 |
|
Bypass |
2012-10-20 |
2017-09-18 |
6.8 |
None |
Remote |
Low |
Single system |
Complete |
None |
None |
|
The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by leveraging the setuid installation of the ftp executable file. |
|
31 |
CVE-2012-4816 |
264 |
|
Bypass |
2012-12-26 |
2017-08-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows remote attackers to bypass intended Env Gen Wizard (aka Environment Generation Wizard) access restrictions by visiting context roots in HTTP sessions on port 8080. |
|
32 |
CVE-2012-4737 |
264 |
|
Bypass |
2012-08-31 |
2013-04-18 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
|
channels/chan_iax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert7, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 does not enforce ACL rules during certain uses of peer credentials, which allows remote authenticated users to bypass intended outbound-call restrictions by leveraging the availability of these credentials. |
|
33 |
CVE-2012-4736 |
264 |
|
Bypass |
2012-08-29 |
2017-08-28 |
3.3 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
None |
|
The Device Encryption Client component in Sophos SafeGuard Enterprise 6.0, when a volume-based encryption policy is enabled in conjunction with a user-defined key, does not properly block use of exFAT USB flash drives, which makes it easier for local users to bypass intended access restrictions and copy sensitive information to a drive via multiple removal and reattach operations. |
|
34 |
CVE-2012-4734 |
264 |
|
Bypass CSRF |
2012-11-11 |
2013-03-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to conduct a "confused deputy" attack to bypass the CSRF warning protection mechanism and cause victims to "modify arbitrary state" via unknown vectors related to a crafted link. |
|
35 |
CVE-2012-4688 |
287 |
|
Bypass |
2012-12-31 |
2012-12-31 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Central application in i-GEN opLYNX before 2.01.9 allows remote attackers to bypass authentication via vectors involving the disabling of browser JavaScript support. |
|
36 |
CVE-2012-4681 |
|
|
Exec Code Bypass |
2012-08-27 |
2017-08-04 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class. |
|
37 |
CVE-2012-4613 |
287 |
|
Bypass |
2012-11-15 |
2013-02-25 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
EMC RSA Data Protection Manager Appliance 2.7.x and 3.x before 3.2.1 does not properly restrict the number of authentication attempts by a user account, which makes it easier for local users to bypass intended access restrictions via a brute-force attack. |
|
38 |
CVE-2012-4604 |
287 |
|
Bypass |
2012-08-23 |
2012-08-23 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a crafted userRoles field, in a cookie, as demonstrated by a request to explorer_wse/favorites.exe. |
|
39 |
CVE-2012-4596 |
22 |
|
Dir. Trav. Bypass |
2012-08-22 |
2013-04-10 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 allows remote authenticated users to bypass intended access restrictions and download arbitrary files via a crafted URL. |
|
40 |
CVE-2012-4595 |
287 |
|
Bypass |
2012-08-22 |
2017-08-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 through Patch 3, and McAfee Email Gateway (MEG) 7.0.0 and 7.0.1, allows remote attackers to bypass authentication and obtain an admin session ID via unspecified vectors. |
|
41 |
CVE-2012-4594 |
264 |
|
Bypass +Info |
2012-08-22 |
2017-08-28 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
McAfee ePolicy Orchestrator (ePO) 4.6.1 and earlier allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information from arbitrary reporting panels, via a modified ID value in a console URL. |
|
42 |
CVE-2012-4593 |
264 |
|
Bypass |
2012-08-22 |
2012-08-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command. |
|
43 |
CVE-2012-4586 |
264 |
|
Bypass |
2012-08-22 |
2012-08-22 |
3.5 |
None |
Remote |
Medium |
Single system |
Partial |
None |
None |
|
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file. |
|
44 |
CVE-2012-4566 |
264 |
|
Bypass |
2012-11-19 |
2012-11-20 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
The DTLS support in radsecproxy before 1.6.2 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spoof clients, a different vulnerability than CVE-2012-4523. |
|
45 |
CVE-2012-4528 |
264 |
|
Bypass |
2012-12-28 |
2013-11-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data. |
|
46 |
CVE-2012-4523 |
264 |
|
Bypass |
2012-11-19 |
2013-01-29 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
radsecproxy before 1.6.1 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spoof clients. |
|
47 |
CVE-2012-4500 |
264 |
|
Bypass |
2012-10-31 |
2013-03-01 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the "access announcements" permission to bypass node access restrictions and possibly have other unspecified impact. |
|
48 |
CVE-2012-4498 |
264 |
|
Bypass |
2012-11-02 |
2012-11-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Activism module 6.x-2.x before 6.x-2.1 for Drupal does not properly restrict access to the "Campaign" content type, which might allow remote attackers to bypass access restrictions and possibly have other unspecified impact. |
|
49 |
CVE-2012-4494 |
264 |
|
Bypass |
2012-10-31 |
2012-11-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The Shibboleth authentication module 7.x-4.0 for Drupal does not properly check the active status of users, which allows remote blocked users to access bypass intended access restrictions and possibly have other impacts by logging in. |
|
50 |
CVE-2012-4477 |
264 |
|
Bypass |
2012-11-30 |
2012-12-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Unspecified vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to bypass access restrictions via unknown attack vectors. |
