CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1467 matches found

NVD•added 2012/11/14 12:55 a.m.•30 views

CVE-2012-4777

The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, a...

9.3CVSS7.4AI score0.1015EPSS

Exploits1References7

NVD•added 2012/11/14 12:55 a.m.•16 views

CVE-2012-1895

The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, aka...

9.3CVSS7.4AI score0.09305EPSS

Exploits0References5

Prion•added 2012/11/14 12:55 a.m.•17 views

Design/Logic Flaw

9.3CVSS8AI score0.09305EPSS

Exploits0References5Affected Software1

Prion•added 2012/11/14 12:55 a.m.•23 views

Design/Logic Flaw

9.3CVSS8AI score0.1015EPSS

Exploits1References7Affected Software1

EUVD•added 2012/11/14 12:0 a.m.•3 views

EUVD-2012-1905

9.3CVSS7.3AI score0.09305EPSS

Exploits0References5

Cvelist•added 2012/11/14 12:0 a.m.•22 views

CVE-2012-1895

7.4AI score0.09305EPSS

Exploits0References5

CVE•added 2012/11/14 12:0 a.m.•104 views

CVE-2012-1895

The CVE-2012-1895 entry concerns Microsoft .NET Framework, where the reflection implementation may bypass object permissions. Affected products span .NET Framework 1.0 SP3 through 4, with exploitation possible via a crafted XBAP or crafted .NET application. The root cause is improper enforcement ...

9.3CVSS7.6AI score0.09305EPSS

Exploits0References5Affected Software1

EUVD•added 2012/11/14 12:0 a.m.•4 views

EUVD-2012-4702

9.3CVSS7.2AI score0.1015EPSS

Exploits1References7

CVE•added 2012/11/14 12:0 a.m.•94 views

CVE-2012-4777

CVE-2012-4777 affects Microsoft .NET Framework 4 and 4.5. The vulnerability arises from improper enforcement of object permissions in the reflection code-optimization feature, allowing remote code execution through a crafted XAML browser application (XBAP) or a crafted .NET Framework application....

9.3CVSS7.5AI score0.1015EPSS

Exploits1References7Affected Software1

OpenVAS•added 2012/11/14 12:0 a.m.•47 views

Microsoft .NET Framework Remote Code Execution Vulnerability (2745030)

This host is missing a critical security update according to Microsoft Bulletin MS12-074. OpenVAS Vulnerability Test $Id: secpodms12-074.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft .NET Framework Remote Code Execution Vulnerability 2745030 Authors: Antu Sanadi Copyright: Copyright c 2012 SecPo...

9.3CVSS0.2AI score0.48687EPSS

Exploits3References11

Positive Technologies•added 2012/11/13 12:0 a.m.•4 views

PT-2012-5588 · Microsoft · .Net Framework

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 4 and 4.5 Description: The issue arises from improper object permission enforcement in the reflection implementation's code-optimization feature, allowing remote attackers to execute arbitrary code. This can ...

9.3CVSS6.8AI score0.1015EPSS

Exploits1References11

Positive Technologies•added 2012/11/13 12:0 a.m.•3 views

PT-2012-3633 · Microsoft · .Net Framework

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 1.0 SP3 through 4 Description: The issue arises from improper enforcement of object permissions in the reflection implementation, allowing remote attackers to execute arbitrary code. This can be achieved...

9.3CVSS6.9AI score0.09305EPSS

Exploits0References9

OPENSUSE Linux•added 2012/10/31 4:11 p.m.•32 views

java-1_7_0-openjdk: Update to icedtea-2.3.3 (important)

java-170-opendjk was updated to icedtea-2.3.3 bnc785814 Security fixes - S6631398, CVE-2012-3216: FilePermission improved path checking - S7093490: adjust package access in rmiregistry - S7143535, CVE-2012-5068: ScriptEngine corrected permissions - S7158796, CVE-2012-5070: Tighten properties...

10CVSS1.5AI score0.91438EPSS

Exploits25References1

myhack58•added 2012/10/31 12:0 a.m.•25 views

dedeCMS latest injection vulnerability a gold-bug warning-the black bar safety net

Brief description: Since the parameters of the variables not be initialized testing and using the class reflection skills leads to plus\feedback.php in the variable $typeid presence of injection risk. Detailed description: Since the official has already released patches and vulnerabilities are no...

7.4AI score

Exploits0

canvas•added 2012/10/16 9:55 p.m.•37 views

Immunity Canvas: JAVA_CVE_2012_5088

Name| javaCVE20125088 ---|--- CVE| CVE-2012-5088 Exploit Pack| CANVAS Description| Java MethodHandles.Lookup Remote Code Execution Notes| CVE Name: CVE-2012-5088 VENDOR: Sun Notes: The exploitation technique is abusing bug patched in CVE-2012-5088 which is allowing to use reflection with full...

10CVSS9.9AI score0.81791EPSS

Exploits6

RedHat Linux•added 2012/09/18 10:46 p.m.•2 views

OpenJDK: beans insufficient permission checks, Java 7 0day (beans, 7162473)

Multiple vulnerabilities in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by 1 using com.sun.beans.finder.ClassFinder.findClass and leveraging an...

10CVSS8AI score0.9414EPSS

Exploits10References6

NVD•added 2012/09/06 10:41 a.m.•18 views

CVE-2011-5157

Untrusted search path vulnerability in Attachmate Reflection before 14.1 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, a related issue to CVE-2011-0107. NOTE: some of these details are obtained from third party information...

6.9CVSS6.3AI score0.00053EPSS

Exploits1References4