Export limit exceeded: 10832 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10832 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-4254 1 Mysqldumper 1 Mysqldumper 2025-04-11 N/A
MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information (Notices) via a direct request to (1) learn/cubemail/restore.php or (2) learn/cubemail/dump.php.
CVE-2012-4255 1 Mysqldumper 1 Mysqldumper 2025-04-11 N/A
MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refresh_dblist.php, which reveals the installation path in an error message.
CVE-2012-4256 2 Joobi, Joomla 2 Com Jnews, Joomla\! 2025-04-11 N/A
The jNews (com_jnews) component 7.5.1 for Joomla! allows remote attackers to obtain sensitive information via the emailsearch parameter, which reveals the installation path in an error message.
CVE-2012-4257 1 George Karpouzas 1 Yet Another Question \& Answer System 2025-04-11 N/A
Yaqas (Yet Another Question & Answer System) 1.0 Alpha 1 allows remote attackers to obtain sensitive information via an invalid character in the PHPSESSID, which reveals the installation path in an error message.
CVE-2012-4332 2 Barandisolutions, Wordpress 2 Shareyourcart, Wordpress 2025-04-11 N/A
The ShareYourCart plugin 1.7.1 for WordPress allows remote attackers to obtain the installation path via unspecified vectors related to the SDK.
CVE-2012-4390 1 Owncloud 2 Owncloud, Owncloud Server 2025-04-11 N/A
(1) apps/calendar/appinfo/remote.php and (2) apps/contacts/appinfo/remote.php in ownCloud before 4.0.7 allows remote authenticated users to enumerate the registered users via unspecified vectors.
CVE-2012-4403 1 Moodle 1 Moodle 2025-04-11 N/A
theme/yui_combo.php in Moodle 2.3.x before 2.3.2 does not properly construct error responses for the drag-and-drop script, which allows remote attackers to obtain the installation path by sending a request for a nonexistent resource and then reading the response.
CVE-2012-4407 1 Moodle 1 Moodle 2025-04-11 N/A
lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly check the publication state of blog files, which allows remote attackers to obtain sensitive information by reading a blog entry that references a non-public file.
CVE-2012-4411 1 Xen 1 Xen 2025-04-11 N/A
The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998.
CVE-2012-4429 2 David King, Redhat 2 Vino, Enterprise Linux 2025-04-11 N/A
Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.
CVE-2013-1454 1 Joomla 1 Joomla\! 2025-04-11 N/A
Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to "Coding errors."
CVE-2012-5172 1 Asial 1 Monaca Debugger 2025-04-11 N/A
The Asial Monaca Debugger application before 1.4.2 for Android allows remote attackers to obtain sensitive (1) account or (2) session ID information in a system log file via a crafted application.
CVE-2012-5180 1 Opera 2 Opera Mini, Opera Mobile 2025-04-11 N/A
The Opera Mobile application before 12.1 and Opera Mini application before 7.5 for Android do not properly implement the WebView class, which allows attackers to obtain sensitive information via a crafted application.
CVE-2012-5182 1 Naver 1 Loctouch 2025-04-11 N/A
The Loctouch application 3.4.6 and earlier for Android does not properly handle implicit intents, which allows attackers to obtain sensitive information about logged locations via a crafted application.
CVE-2012-5183 1 Naver 1 Loctouch 2025-04-11 N/A
The Loctouch application 3.4.6 and earlier for Android allows attackers to obtain sensitive information about logged locations via a crafted application that leverages read permission for system log files.
CVE-2012-5222 2 Hp, Microsoft 2 Service Manager Web Tier, Windows 2025-04-11 N/A
HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2012-6049 1 Opensolution 1 Quick.cart 2025-04-11 N/A
Open Solution Quick.Cart 5.0 allows remote attackers to obtain sensitive information via (1) a long string or (2) invalid characters in a cookie, which reveals the installation path in an error message.
CVE-2012-6052 1 Wireshark 1 Wireshark 2025-04-11 N/A
Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain sensitive hostname information by reading pcap-ng files.
CVE-2012-6469 1 Opera 1 Opera Browser 2025-04-11 N/A
Opera before 12.11 allows remote attackers to determine the existence of arbitrary local files via vectors involving web script in an error page.
CVE-2012-6097 1 Fedorahosted 1 Cronie 2025-04-11 N/A
File descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab.