Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-5061 | 1 Oracle | 1 Financial Services Software | 2017-08-28 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, 11.0.0 through 11.4.0, and 12.0.0 allows remote authenticated users to affect confidentiality, related to BASE. | |||||
| CVE-2012-5064 | 1 Oracle | 1 Financial Services Software | 2017-08-28 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, and 11.0.0 through 11.2.0 allows remote authenticated users to affect confidentiality, related to BASE. | |||||
| CVE-2012-5098 | 1 J Waite | 1 Php-x-links | 2017-08-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to rate.php, (2) cid parameter to view.php, or (3) t parameter to pop.php. | |||||
| CVE-2012-5099 | 1 Phpb2b | 1 Phpb2b | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in list.php in PHPB2B 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action. | |||||
| CVE-2012-5100 | 1 Luizpicanco | 1 Hserver | 2017-08-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in HServer 0.1.1 allows remote attackers to read arbitrary files via a (1) ..%5c (dot dot encoded backslash) or (2) %2e%2e%5c (encoded dot dot backslash) in the PATH_INFO. | |||||
| CVE-2012-5101 | 2 Jextensions, Joomla | 2 Je Poll Component, Joomla\! | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JExtensions JE Poll component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2012-5102 | 1 Dariusz Handzlik | 1 Vertrigoserv | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in inc/extensions.php in VertrigoServ 2.25 allows remote attackers to inject arbitrary web script or HTML via the ext parameter. | |||||
| CVE-2012-5103 | 1 Dnelubin | 1 Gelinsguestbook | 2017-08-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in action/add-submit.php in Ggb Guestbook 0.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url or (2) message parameter. | |||||
| CVE-2012-5104 | 1 Ubbcentral | 1 Ubb.threads | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in forums/ubbthreads.php in UBB.threads 7.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the Loginname parameter. | |||||
| CVE-2012-5105 | 1 Sqlitemanager | 1 Sqlitemanager | 2017-08-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.4 allow remote attackers to inject arbitrary web script or HTML via the dbsel parameter to (1) main.php or (2) index.php; or (3) nsextt parameter to index.php. | |||||
| CVE-2012-5106 | 1 Freefloat | 1 Freefloat Ftp Server | 2017-08-28 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in FreeFloat FTP Server 1.0 allows remote authenticated users to execute arbitrary code via a long string in a PUT command. | |||||
| CVE-2012-5115 | 2 Apple, Google | 2 Mac Os X, Chrome | 2017-08-28 | 7.5 HIGH | N/A |
| Google Chrome before 23.0.1271.64 on Mac OS X does not properly mitigate improper write behavior in graphics drivers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger "wild writes." | |||||
| CVE-2012-5118 | 2 Apple, Google | 2 Mac Os X, Chrome | 2017-08-28 | 7.5 HIGH | N/A |
| Google Chrome before 23.0.1271.64 on Mac OS X does not properly validate an integer value during the handling of GPU command buffers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2012-5120 | 2 Google, Linux | 3 Chrome, V8, Linux Kernel | 2017-08-28 | 7.5 HIGH | N/A |
| Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to an array. | |||||
| CVE-2012-5134 | 3 Apple, Google, Xmlsoft | 3 Iphone Os, Chrome, Libxml2 | 2017-08-28 | 6.8 MEDIUM | N/A |
| Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document. | |||||
| CVE-2012-5161 | 1 Citrix | 1 Xenapp | 2017-08-28 | 9.3 HIGH | N/A |
| The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-5162 | 1 Osclass | 1 Osclass | 2017-08-28 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in oc-admin/ajax/ajax.php in OSClass before 2.3.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) edit_category_post or (2) enable_category action to index.php. | |||||
| CVE-2012-5163 | 1 Osclass | 1 Osclass | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in oc-admin/ajax/ajax.php in OSClass before 2.3.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter in an enable_category action to index.php. | |||||
| CVE-2012-5164 | 1 Fork-cms | 1 Fork Cms | 2017-08-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the term parameter to (1) autocomplete.php, (2) search/ajax/autosuggest.php, (3) livesuggest.php, or (4) save.php in frontend/modules/search/ajax. | |||||
| CVE-2012-5167 | 1 Atutor | 1 Acontent | 2017-08-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ATutor AContent before 1.2-1 allow remote attackers to execute arbitrary SQL commands via the (1) field parameter to course_category/index_inline_editor_submit.php or (2) user/index_inline_editor_submit.php; or (3) id parameter to user/user_password.php. | |||||