Skip to main content
CVE-2012-5519 HIGH POC THREAT Act Now

CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 10.2%.

Privilege Escalation Debian Cups
NVD
CVSS 2.0
7.2
EPSS
10.2%
CVE-2012-4366 LOW POC THREAT Monitor

Belkin wireless routers Surf N150 Model F7D1301v1, N900 Model F9K1104v1, N450 Model F9K1105V2, and N300 Model F7D2301v1 generate a predictable default WPA2-PSK passphrase based on eight digits of the. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 13.3%.

Information Disclosure N150 Wireless Router N300 Wireless Router N450 Wireless Router N900 Wireless Router
NVD Exploit-DB
CVSS 2.0
3.3
EPSS
13.3%
CVE-2012-5674 HIGH This Week

Unspecified vulnerability in Adobe ColdFusion 10 before Update 5, when Internet Information Services (IIS) is used, allows attackers to cause a denial of service via unknown vectors. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Adobe Denial Of Service Coldfusion
NVD
CVSS 2.0
7.1
EPSS
1.9%
CVE-2012-4523 MEDIUM This Month

radsecproxy before 1.6.1 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain,. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Radsecproxy
NVD
CVSS 2.0
6.4
EPSS
0.2%
CVE-2012-4566 MEDIUM This Month

The DTLS support in radsecproxy before 1.6.2 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Radsecproxy
NVD
CVSS 2.0
6.4
EPSS
0.2%
CVE-2012-4510 MEDIUM This Month

cups-pk-helper before 0.2.3 does not properly wrap the (1) cupsGetFile and (2) cupsPutFile function calls, which allows user-assisted remote attackers to read or overwrite sensitive files using CUPS. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Cups Pk Helper
NVD
CVSS 2.0
5.8
EPSS
0.4%
CVE-2012-5703 MEDIUM This Month

The vSphere API in VMware ESXi 4.1 and ESX 4.1 allows remote attackers to cause a denial of service (host daemon crash) via an invalid value in a (1) RetrieveProp or (2) RetrievePropEx SOAP request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Denial Of Service Esx ESXi
NVD
CVSS 2.0
5.0
EPSS
1.0%
CVE-2012-3354 MEDIUM This Month

doku.php in DokuWiki, as used in Fedora 16, 17, and 18, when certain PHP error levels are set, allows remote attackers to obtain sensitive information via the prefix parameter, which reveals the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

PHP Information Disclosure Dokuwiki Fedora
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2012-5920 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) 2.4 through 2.5 Final, as used in JBoss Operations Network (ON) 3.1.1 and possibly other products, allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Google XSS Web Toolkit
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-4563 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) 2.4 Beta and release candidates before 2.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Google XSS Web Toolkit
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2012-5529 LOW Monitor

TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by preparing an empty dynamic SQL. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Firebird
NVD
CVSS 2.0
3.5
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy