Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to "error checking of system calls."
Max CVSS
10.0
EPSS Score
0.29%
Published
2012-09-28
Updated
2017-08-29
Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.33%
Published
2012-09-28
Updated
2017-08-29

CVE-2012-5159

Public exploit
phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack.
Max CVSS
7.5
EPSS Score
92.72%
Published
2012-09-25
Updated
2013-01-26
SQL injection vulnerability in the JExtensions JE Poll component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.30%
Published
2012-09-23
Updated
2017-08-29
Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to rate.php, (2) cid parameter to view.php, or (3) t parameter to pop.php.
Max CVSS
7.5
EPSS Score
0.09%
Published
2012-09-23
Updated
2017-08-29

CVE-2012-5054

Known exploited
Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments.
Max CVSS
9.3
EPSS Score
44.56%
Published
2012-09-24
Updated
2018-10-30
CISA KEV Added
2022-06-08
APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
Max CVSS
7.8
EPSS Score
0.32%
Published
2012-09-28
Updated
2013-04-11
APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted packet.
Max CVSS
7.8
EPSS Score
0.25%
Published
2012-09-28
Updated
2013-04-11
Heap-based buffer overflow in npdjvu.dll in Caminova DjVu Browser Plug-in 6.1.4 Build 27351 and other versions before 6.1.4.27993 allows remote attackers to execute arbitrary code via a crafted Sjbz chunk in a djvu file.
Max CVSS
9.3
EPSS Score
1.07%
Published
2012-09-19
Updated
2012-09-20
Multiple unspecified vulnerabilities in Hitachi JP1/Cm2/Network Node Manager i before 09-50-03 allow remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors.
Max CVSS
7.5
EPSS Score
7.83%
Published
2012-09-19
Updated
2017-08-29
SQL injection vulnerability in jokes/index.php in the Witze addon 0.9 for deV!L'z Clanportal allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.
Max CVSS
7.5
EPSS Score
0.26%
Published
2012-09-19
Updated
2017-08-29
Directory traversal vulnerability in acp/index.php in AneCMS allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
Max CVSS
7.5
EPSS Score
2.45%
Published
2012-09-19
Updated
2017-08-29
Multiple SQL injection vulnerabilities in RivetTracker 1.03 and earlier allow remote attackers to execute arbitrary SQL commands via the hash parameter to (1) dltorrent.php or (2) torrent_functions.php.
Max CVSS
7.5
EPSS Score
0.97%
Published
2012-09-19
Updated
2017-08-29
torrent_functions.php in RivetTracker 1.03 and earlier does not properly restrict access, which allows remote attackers to have an unspecified impact.
Max CVSS
7.5
EPSS Score
0.64%
Published
2012-09-19
Updated
2012-09-21
Multiple buffer overflows in FlashFXP.exe in FlashFXP 4.2 allow remote authenticated users to execute arbitrary code via a long unicode string to (1) TListbox or (2) TComboBox.
Max CVSS
9.0
EPSS Score
25.59%
Published
2012-09-19
Updated
2017-08-29

CVE-2012-4969

Known exploited
Public exploit
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.
Max CVSS
9.3
EPSS Score
86.88%
Published
2012-09-18
Updated
2017-11-21
CISA KEV Added
2022-06-08
SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1.91+ Build 120224 and earlier allows remote attackers to execute arbitrary SQL commands via the fieldnames parameter to index.php.
Max CVSS
7.5
EPSS Score
0.40%
Published
2012-09-15
Updated
2017-08-29
Multiple SQL injection vulnerabilities in approve.php in Img Pals Photo Host 1.0 allow remote attackers to execute arbitrary SQL commands via the u parameter in a (1) app0 or (2) app1 action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
0.78%
Published
2012-09-15
Updated
2017-08-29

CVE-2012-4924

Public exploit
Buffer overflow in the CxDbgPrint function in the ipswcom.dll ActiveX component 1.0.0.1 for ASUS Net4Switch 1.0.0020 allows remote attackers to execute arbitrary code via a long parameter to the Alert method.
Max CVSS
9.3
EPSS Score
94.22%
Published
2012-09-15
Updated
2017-08-29
Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink.
Max CVSS
7.5
EPSS Score
0.50%
Published
2012-09-13
Updated
2012-09-14
Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page.
Max CVSS
9.3
EPSS Score
0.12%
Published
2012-09-13
Updated
2012-09-14
The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices has a default password of wago for the (1) root and (2) admin accounts, (3) a default password of user for the user account, and (4) a default password of guest for the guest account, which makes it easier for remote attackers to obtain login access via a TELNET session, a different vulnerability than CVE-2012-3013.
Max CVSS
10.0
EPSS Score
0.32%
Published
2012-09-07
Updated
2013-10-11

CVE-2012-4876

Public exploit
Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the OpenFileDlg method.
Max CVSS
10.0
EPSS Score
84.36%
Published
2012-09-06
Updated
2012-09-07
Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to reproduce the issue and disputed it
Max CVSS
9.3
EPSS Score
6.83%
Published
2012-09-06
Updated
2024-03-21
Unspecified vulnerability in the Another WordPress Classifieds Plugin before 2.0 for WordPress has unknown impact and attack vectors related to "image uploads."
Max CVSS
10.0
EPSS Score
0.18%
Published
2012-09-06
Updated
2012-09-07
159 vulnerabilities found
1 2 3 4 5 6 7
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!