CVE-2012-1405

Unspecified vulnerability in the GO Note Widget com.gau.go.launcherex.gowidget.notewidget application 1.5 and 1.9 for Android has unknown impact and attack vectors...

CVE-2012-1405

Technical details about CVE-2012-1405 are not publicly available in the provided documents. Monitor for updates; no affected product/version, impact, vectors, or fixes are specified in the supplied sources.

United States Census Bureau Hacked and Vulnerability Exposed

United States Census Bureau Hacked and Vulnerability Exposed A Group of Hackers from r00tw0rm found SQL injection Vulnerability on United States Census Bureau,0x3a,user\,0x3a,database\,4,5,groupconcat\tablename+from+informationschema.tables--+ and Hackers successfully exploit the Database and...

tomcat: Multiple weaknesses in HTTP DIGEST authentication

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability th...

MySQL < 4.1.2 Insecure Temporary File Creation

The version of MySQL installed on the remote host is earlier than 4.1.2 and reportedly allows a local user to overwrite files via a symlink attack. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17799; scriptversion"1.4"; scriptcvsdate"Date: 2018/07/16 14:09:12";...

TFTP Server 1.4 - ST &#039;RRQ&#039; Remote Buffer Overflow

!/usr/bin/python --------------------------------------------------------------------------- Exploit: TFTP SERVER V1.4 ST RRQ Overflow OS: Windows XP PRO SP3 Author: b33f --------------------------------------------------------------------------- Smashing the stack for fun and practise... This tf...

CVE-2012-6038

creationtimestamp| type| source ---|---|--- 2012-01-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18344...

OpenSSL 0.9.7 < 0.9.7f Vulnerability

The version of OpenSSL installed on the remote host is prior to 0.9.7f. It is, therefore, affected by a vulnerability as referenced in the 0.9.7f advisory. - The derchop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwri...

Multiple Programming Language Implementations Vulnerable to Hash Table Collision Attacks

US-CERT is aware of reports stating that multiple programming language implementations, including web platforms, are vulnerable to hash table collision attacks. This vulnerability could be used by an attacker to launch a denial-of-service attack against websites using affected products. The Ruby...

SAP NetWeaver SOAP RFC - CSRF

Application: SAP BASIS Vendor URL: http://www.sap.com Bugs: CSRF Exploits: YES Reported: 12.03.2011 Vendor response:13.03.2011 Date of SAP Security Note published: 14.08.2012 Date of Public Advisory:13.11.2012 Reference: SAP Security Note 1728500 Author: Alexey Tyurin ERPScan Description It is...

SAP Portal - unauthorized file read

Application: SAP Portal Vendor URL: http://www.sap.com Bugs: Directory traversal Exploits: YES Reported: 12.03.2011 Vendor response: 13.03.2011 Date of Public Advisory: 12.09.2012 Reference: SAP Security Note 1707494 Author: Dmitry Chastukhin ERPScan Description It is possible to read files in...

[DSECRG-11-030] SAP NetWeaver JavaMailExamples - XSS

SAP NetWeaver JavaMailExamples has linked XSS vulnerability. Digital Security Research Group DSecRG Advisory Internal DSecRG-00135 Application: SAP NetWeaver Versions Affected: SAP NetWeaver JavaMailExamples Vendor URL: http://www.SAP.com Bugs: XSS Exploits: YES Reported: 11.05.2010 Vendor...

[DSECRG-11-040] SAP NetWeaver SPML - XML CSRF user creation

DSECRG-11-040 SAP NetWeaver SPML - XML CSRF user creation Attacker can create a new user in J2EE Engine using CSRF attack on SPML service. Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendor URL: http://www.SAP.com Bugs: CSRF Reported: 14.03.2011 Vendor response: 15.03.2011 Date of...

[DSECRG-11-032] SAP NetWeaver ipcpricing - information disclose

DSECRG-11-032 SAP NetWeaver ipcpricing - information disclose com.sap.ipc.webapp.ipcpricing application has information disclose vulnerability Digital Security Research Group DSecRG Advisory DSECRG-11-032 Internal DSecRG-00197 Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendor URL...

[DSECRG-11-031] SAP RFC EPS_DELETE_FILE - Authorisation bypass, smbrelay

DSECRG-11-031 SAP RFC EPSDELETEFILE - Authorisation bypass, smbrelay Security vulnerability was founded in sap EPSDELETEFILE RFC function allows attacker to delete files remotely or steal hashes of SAP server account in windows environment using SMBRelay attack. Digital Security Research Group...

SAP NetWeaver BW Doc Cross Site Scripting

DSECRG-11-037 SAP BW Doc - Multiple XSS BW DOC metadata application in SAP NetWeaver is vulnerable to XSS attack. Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendor URL: http://www.SAP.com Bugs: XSS Reported: 14.03.2011 Vendor response: 16.03.2011 Date of Public Advisory: 11.11.20...

Oracle DataDirect Buffer Overflow

g 208.152c: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This exception may be expected and handled...

CVE-2011-3883

Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counters...

CVE-2011-3254

Cross-site scripting XSS vulnerability in Calendar in Apple iOS before 5 allows remote attackers to inject arbitrary web script or HTML via an invitation note...

CVE-2011-3254

Cross-site scripting XSS vulnerability in Calendar in Apple iOS before 5 allows remote attackers to inject arbitrary web script or HTML via an invitation note...