CVE-2012-6112
classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon before 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 and other products, does not properly handle control characters, which allows remote...
RHEL 4 / 5 : jbossweb (RHSA-2010:0584)
An updated jbossweb package that fixes two security issues is now available for JBoss Enterprise Application Platform 4.2 and 4.3 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System...
RHEL 6 : Ruby on Rails in Subscription Asset Manager (RHSA-2013:0154)
Updated rubygem-actionpack, rubygem-activesupport, and rubygem-activerecord packages that fix multiple security issues are now available for Red Hat Subscription Asset Manager. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scorin...
Apache Tomcat NIO Connector Denial of Service (CVE-2012-4534)
A denial of service vulnerability has been reported in Apache Tomcat. The vulnerability is due to an infinite loop in NIO Connector when a client breaks the connection in the middle of reading the response for a request to a big file. An unauthenticated, remote attacker can exploit this...
Critical: Red Hat Security Advisory: Ruby on Rails security update
Updated rubygem-actionpack, rubygem-activesupport, ruby193-rubygem-actionpack, and ruby193-rubygem-activesupport packages that fix multiple security issues are now available for Red Hat OpenShift Enterprise 1.0. The Red Hat Security Response Team has rated this update as having critical security...
CVE-2013-0005
The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012, allows remote attackers to cause a denial of service (resource consumption and daemon restart) via craft...
Denial of service
The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012, allows remote attackers to cause a denial of service (resource consumption and daemon restart) via craft...
Watson Management Console 4.11.2.G - Directory Traversal
Watson Management Console 4.11.2.G - Directory Traversal Exploit Title: Watson Management Console Directory Traversal Vulnerability Google Dork: allintitle:Watson Management Console Contacted Vendor : 17/12/2012 as well as 31/12/2012 The Vendor Did Not Respond . Date: 1/2/2013 Exploit Author: Dhr...
PT-2013-2056 · Microsoft · Management Odata Iis Extension +3
Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 3.5 through 4 Management OData IIS Extension on Windows Server 2012 Description: A denial of service issue exists in the OData protocol implementation, allowing remote attackers to cause a denial of service v...
Watson Management Console 4.11.2.G Directory Traversal
Exploit Title: Watson Management Console Directory Traversal Vulnerability Google Dork: allintitle:Watson Management Console Contacted Vendor : 17/12/2012 as well as 31/12/2012 The Vendor Did Not Respond . Date: 1/2/2013 Exploit Author: Dhruv Shah Vendor Homepage: http://www.schmid-telecom.com/...
CVE-2012-6471
Opera before 12.12 allows remote attackers to spoof the address field via a high rate of HTTP requests...
Code injection
Opera before 12.12 allows remote attackers to spoof the address field via a high rate of HTTP requests...
XXE
IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity...
CVE-2012-5970
The Huawei E585 device allows remote attackers to cause a denial of service (NULL pointer dereference and device outage) via crafted HTTP requests, as demonstrated by unspecified vulnerability-scanning software...
Null pointer dereference
The Huawei E585 device allows remote attackers to cause a denial of service (NULL pointer dereference and device outage) via crafted HTTP requests, as demonstrated by unspecified vulnerability-scanning software...
CVE-2012-5970
CVE-2012-5970 affects the Huawei E585 pocket wifi 2 device. The vulnerability is a NULL pointer dereference in the HTTP handling code triggered by crafted requests, leading to a denial of service and device outage. Public documents describe this as part of a set of vulnerabilities in the same dev...