Skip to main content
CVE-2012-1896 MEDIUM This Month

Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during construction of output data, which allows remote attackers to obtain sensitive information via (1) a crafted. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 48.7% and no vendor patch available.

Information Disclosure Microsoft Net Framework
NVD
CVSS 2.0
5.0
EPSS
48.7%
CVE-2012-4949 MEDIUM POC This Month

SQL injection vulnerability in ESRI ArcGIS 10.1 allows remote authenticated users to execute arbitrary SQL commands via the where parameter to a query URI for a REST service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Arcgis Server
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
1.3%
CVE-2012-2532 MEDIUM This Month

Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) processes unspecified commands before TLS is enabled for a session, which allows remote attackers to obtain sensitive. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.6% and no vendor patch available.

Information Disclosure Microsoft Command Injection Ftp Service
NVD
CVSS 2.0
5.0
EPSS
19.6%
CVE-2012-4853 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Application Server 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Information Disclosure IBM Websphere Application Server
NVD
CVSS 2.0
6.8
EPSS
0.2%
CVE-2012-4948 MEDIUM This Month

The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier. Rated medium severity (CVSS 5.3). No vendor patch available.

Fortinet Information Disclosure Fortigate 1000C Fortigate 100D Fortigate 110C +26
NVD
CVSS 2.0
5.3
EPSS
0.2%
CVE-2012-3330 MEDIUM This Month

The proxy server in IBM WebSphere Application Server 7.0 before 7.0.0.27, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1, and WebSphere Virtual Enterprise, allows remote attackers to cause a denial of. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service IBM Websphere Application Server
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2012-4851 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Websphere Application Server
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2012-4847 MEDIUM This Month

IBM Cognos Business Intelligence (BI) 8.4 and 8.4.1 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted request containing a zero-valued byte. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service IBM Cognos Business Intelligence
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2012-5860 MEDIUM This Month

Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 smart cards makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the generation of. Rated medium severity (CVSS 4.0). No vendor patch available.

Information Disclosure Id One Cosmo
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy