| Page(s) : 1 ... 258 259 260 261 262 263 264 265 266 267 [268] 269 270 271 272 273 274 275 276 277 278 ... | Result(s) : 8825 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 3.7 | 2013-01-04 | CVE-2011-4316 | cve | Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, in certain unspecified conditions, does not lock the desktop screen between SPICE sessions, which allows local use... |
| 3.3 | 2012-12-31 | CVE-2012-6371 | cve | The WPA2 implementation on the Belkin N900 F9K1104v1 router establishes a WPS PIN based on 6 digits of the LAN/WLAN MAC address, which makes it easier for remote attackers to ob... |
| 3.3 | 2012-12-31 | CVE-2012-6337 | cve | The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate at... |
| 3.3 | 2012-12-31 | CVE-2012-6336 | cve | The Missing Device feature in Lookout allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer." |
| 3.3 | 2012-12-31 | CVE-2012-6335 | cve | The Anti-theft service in AVG AntiVirus for Android allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer." |
| 2.9 | 2012-12-31 | CVE-2012-6334 | cve | The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices does not properly implement Location APIs, which allows physically proximate attac... |
| 3.5 | 2012-12-28 | CVE-2012-3871 | cve | Cross-site scripting (XSS) vulnerability in data/hybrid/i_hybrid.php in Open Constructor 3.12.0 allows remote authenticated users to inject arbitrary web script or HTML via the ... |
| 3.5 | 2012-12-28 | CVE-2012-3870 | cve | Multiple cross-site scripting (XSS) vulnerabilities in objects/createobject.php in Open Constructor 3.12.0 allow remote authenticated users to inject arbitrary web script or HTM... |
| 2.6 | 2012-12-27 | CVE-2012-5868 | cve | WordPress 3.4.2 does not invalidate a wordpress_sec session cookie upon an administrator's logout action, which makes it easier for remote attackers to discover valid sessi... |
| 2.1 | 2012-12-27 | CVE-2012-2669 | cve | The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of Netlink messages, which allows loca... |
| 2.1 | 2012-12-26 | CVE-2012-5483 | cve | tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec... |
| 2.1 | 2012-12-26 | CVE-2012-0961 | cve | Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x before 0.8.16~exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, us... |
| 3.5 | 2012-12-26 | CVE-2012-5589 | cve | The MultiLink module 6.x-2.x before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal does not properly check node permissions when generating an in-content link, which allows remot... |
| 2.6 | 2012-12-26 | CVE-2012-5588 | cve | The Email Field module 6.x-1.x before 6.x-1.3 for Drupal, when using a field permission module and the field contact field formatter is set to the full or teaser display mode, d... |
| 2.1 | 2012-12-26 | CVE-2012-5586 | cve | The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "access user profiles" permission to access arbitrary... |
| 2.1 | 2012-12-26 | CVE-2012-5585 | cve | Cross-site scripting (XSS) vulnerability in the Mixpanel module 6.x-1.x before 6.x-1.1 in Drupal allows remote authenticated users with the "access administration pages" permiss... |
| 2.6 | 2012-12-26 | CVE-2012-5183 | cve | The Loctouch application 3.4.6 and earlier for Android allows attackers to obtain sensitive information about logged locations via a crafted application that leverages read perm... |
| 2.1 | 2012-12-26 | CVE-2012-5179 | cve | The Boat Browser application before 4.2 and Boat Browser Mini application before 3.9 for Android do not properly implement the WebView class, which allows attackers to obtain se... |
| 3.3 | 2012-12-24 | CVE-2012-4046 | cve | The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password via a UDP broadcast packet, as demonstrated by running the D-Link Setup Wizard and... |
| 1.9 | 2012-12-21 | CVE-2012-4508 | cve | Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not pr... |
| Page(s) : 1 ... 258 259 260 261 262 263 264 265 266 267 [268] 269 270 271 272 273 274 275 276 277 278 ... | Result(s) : 8825 |
