CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2012

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
501 CVE-2012-5108 362 Exec Code 2012-10-09 2017-09-19
9.3
None Remote Medium Not required Complete Complete Complete
Race condition in Google Chrome before 22.0.1229.92 allows remote attackers to execute arbitrary code via vectors related to audio devices.
502 CVE-2012-5105 79 XSS 2012-09-23 2017-08-29
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in SQLiteManager 1.2.4 allow remote attackers to inject arbitrary web script or HTML via the dbsel parameter to (1) main.php or (2) index.php; or (3) nsextt parameter to index.php.
503 CVE-2012-5104 79 1 XSS 2012-09-23 2017-08-29
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in forums/ubbthreads.php in UBB.threads 7.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the Loginname parameter.
504 CVE-2012-5103 79 1 XSS 2012-09-23 2017-08-29
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in action/add-submit.php in Ggb Guestbook 0.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url or (2) message parameter.
505 CVE-2012-5102 79 XSS 2012-09-23 2017-08-29
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in inc/extensions.php in VertrigoServ 2.25 allows remote attackers to inject arbitrary web script or HTML via the ext parameter.
506 CVE-2012-5101 89 Exec Code Sql 2012-09-23 2017-08-29
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the JExtensions JE Poll component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
507 CVE-2012-5100 22 Dir. Trav. 2012-09-23 2017-08-29
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in HServer 0.1.1 allows remote attackers to read arbitrary files via a (1) ..%5c (dot dot encoded backslash) or (2) %2e%2e%5c (encoded dot dot backslash) in the PATH_INFO.
508 CVE-2012-5099 79 1 XSS 2012-09-23 2017-08-29
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in list.php in PHPB2B 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action.
509 CVE-2012-5098 89 1 Exec Code Sql 2012-09-23 2017-08-29
7.5
None Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to rate.php, (2) cid parameter to view.php, or (3) t parameter to pop.php.
510 CVE-2012-5095 2012-10-17 2013-10-11
4.4
None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to inetd.
511 CVE-2012-5094 2012-10-17 2013-10-11
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote attackers to affect confidentiality via unknown vectors related to User Group Management.
512 CVE-2012-5093 2012-10-17 2013-10-11
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote attackers to affect integrity via unknown vectors related to Global Spec Management.
513 CVE-2012-5092 2012-10-17 2013-10-11
5.5
None Remote Low ??? Partial Partial None
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Supply Chain Relationship Management.
514 CVE-2012-5091 2012-10-17 2013-10-11
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Oracle Agile Product Supplier Collaboration for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote attackers to affect confidentiality via unknown vectors related to Supplier Portal.
515 CVE-2012-5090 2012-10-17 2013-10-11
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Oracle Agile PLM for Process component in Oracle Supply Chain Products Suite 5.2.2 and 6.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Document Reference Library.
516 CVE-2012-5089 2012-10-16 2022-05-13
7.6
None Remote High Not required Complete Complete Complete
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than CVE-2012-3143.
517 CVE-2012-5088 2012-10-16 2017-09-19
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
518 CVE-2012-5087 2012-10-16 2017-09-19
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
519 CVE-2012-5086 2012-10-16 2022-05-13
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
520 CVE-2012-5085 2012-10-16 2022-05-13
0.0
None Remote Medium ??? None None None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE.
521 CVE-2012-5084 2012-10-16 2022-05-13
7.6
None Remote High Not required Complete Complete Complete
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
522 CVE-2012-5083 2012-10-16 2022-05-13
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
523 CVE-2012-5082 2012-10-16 2017-09-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2 and earlier allows remote attackers to affect availability via unknown vectors.
524 CVE-2012-5081 2012-10-16 2022-05-13
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE.
525 CVE-2012-5080 2012-10-16 2017-09-19
7.6
None Remote High Not required Complete Complete Complete
Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2012-5078.
526 CVE-2012-5079 2012-10-16 2022-05-13
5.0
None Remote Low Not required None Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5073.
527 CVE-2012-5078 2012-10-16 2017-09-19
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2012-5080.
528 CVE-2012-5077 2012-10-16 2022-05-13
2.6
None Remote High Not required Partial None None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security.
529 CVE-2012-5076 2012-10-16 2017-09-19
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS.
530 CVE-2012-5075 2012-10-16 2022-05-13
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX.
531 CVE-2012-5074 2012-10-16 2017-09-19
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality and integrity, related to JAX-WS.
532 CVE-2012-5073 2012-10-16 2022-05-13
5.0
None Remote Low Not required None Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5079.
533 CVE-2012-5072 2012-10-16 2022-05-13
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security.
534 CVE-2012-5071 2012-10-16 2022-05-13
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX.
535 CVE-2012-5070 2012-10-16 2017-09-19
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, related to JMX.
536 CVE-2012-5069 2012-10-16 2022-05-13
5.8
None Remote Medium Not required Partial Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency.
537 CVE-2012-5068 2012-10-16 2022-05-13
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
538 CVE-2012-5067 2012-10-16 2017-09-19
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
539 CVE-2012-5066 2012-10-17 2013-10-11
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Central Designer component in Oracle Industry Applications 1.3, 1.4, and 1.4.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
540 CVE-2012-5065 2012-10-17 2013-10-11
2.1
None Local Low Not required None Partial None
Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows local users to affect integrity via unknown vectors related to ImagePicker.
541 CVE-2012-5064 2012-10-17 2017-08-29
3.5
None Remote Medium ??? Partial None None
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, and 11.0.0 through 11.2.0 allows remote authenticated users to affect confidentiality, related to BASE.
542 CVE-2012-5063 2012-10-17 2013-10-11
5.0
None Remote Low Not required None Partial None
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, 11.0.0 through 11.4.0, and 12.0.0 allows remote attackers to affect integrity, related to BASE.
543 CVE-2012-5061 2012-10-17 2017-08-29
4.0
None Remote Low ??? Partial None None
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Software 10.0.0, 10.0.2, 10.1.0, 10.2.0, 10.2.2, 10.3.0, 10.5.0, 11.0.0 through 11.4.0, and 12.0.0 allows remote authenticated users to affect confidentiality, related to BASE.
544 CVE-2012-5058 2012-10-17 2013-10-11
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to the Web interface.
545 CVE-2012-5055 200 +Info 2012-12-05 2012-12-28
5.0
None Remote Low Not required Partial None None
DaoAuthenticationProvider in VMware SpringSource Spring Security before 2.0.8, 3.0.x before 3.0.8, and 3.1.x before 3.1.3 does not check the password if the user is not found, which makes the response delay shorter and might allow remote attackers to enumerate valid usernames via a series of login requests.
546 CVE-2012-5054 189 1 Exec Code Overflow 2012-09-24 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments.
547 CVE-2012-5051 22 Dir. Trav. 2012-10-05 2013-02-02
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows remote attackers to read arbitrary files via unspecified vectors.
548 CVE-2012-5050 79 XSS 2012-10-05 2017-08-29
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the server in VMware vCenter Operations (aka vCOps) before 5.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
549 CVE-2012-5049 20 DoS 2012-09-28 2013-04-11
7.8
None Remote Low Not required None None Complete
APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
550 CVE-2012-5048 399 DoS 2012-09-28 2013-04-11
7.8
None Remote Low Not required None None Complete
APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted packet.
Total number of vulnerabilities : 5297   Page : 1 2 3 4 5 6 7 8 9 10 11 (This Page)12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.