Critical · CVSS 9.3
A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router firmware versions 1.12 and 1.13 via the getAuthCode() function. The flaw arises from unsafe usage of sprintf() when processing user-supplied CAPTCHA data via the FILECODE parameter in /goform/formLogin. A remote unauthenticated attacker can exploit this to execute arbitrary code with root privileges on the device.
Published Jul 31, 2025 · Updated May 14, 2026
High · CVSS 7.8 · CISA KEV
Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic for Applications SDK allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Visual Basic for Applications Insecure Library Loading Vulnerability," as exploited in the wild in July 2012.
Published Jul 10, 2012 · Updated Apr 14, 2026
Critical · CVSS 9.8
The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the upload.php file in versions before 2.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.
Published Jul 19, 2025 · Updated Apr 8, 2026
Critical · CVSS 9.8
The FoxyPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadify.php file in versions up to, and including, 0.4.2.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.
Published Jul 22, 2025 · Updated Apr 8, 2026
Medium · CVSS 6.5
file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.
Published Jul 17, 2012 · Updated Dec 4, 2025
High · CVSS 7.4
The default configuration of Cyberoam UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Cyberoam_SSL_CA certificate in a list of trusted root certification authorities. NOTE: the vendor disputes the significance of this issue because the appliance "does not allow import or export of the foresaid private key.
Published Jul 9, 2012 · Updated Jan 27, 2025
High · CVSS 8.8
The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted name for a (1) file or (2) directory, aka "Command Injection Vulnerability."
Published Jul 10, 2012 · Updated Jan 21, 2025
Critical · CVSS 9.8
Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 allows remote attackers to execute arbitrary code via crafted XML data that triggers access to an uninitialized object in memory, aka "ADO Cachesize Heap Overflow RCE Vulnerability."
Published Jul 10, 2012 · Updated Oct 17, 2024
Unknown · CVSS Not scored
The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953.
Published Jul 12, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
WellinTech KingView 6.53 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted packet to (1) TCP or (2) UDP port 2001.
Published Jul 5, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to configure encryption or signing for certain outbound e-mail, and possibly cause a denial of service (loss of e-mail readability), via an e-mail message to a queue's address.
Published Jul 24, 2013 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Untrusted search path vulnerability in Invensys Wonderware InTouch 2012 and earlier, as used in Wonderware Application Server, Wonderware Information Server, Foxboro Control Software, InFusion CE/FE/SCADA, InBatch, and Wonderware Historian, allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
Published Jul 26, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Bug ID CSCth85804.
Published Jul 12, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
AirDroid 1.0.4 beta uses the MD5 algorithm for values in the checklogin key parameter and 7bb cookie, which makes it easier for remote attackers to obtain cleartext data by sniffing the local wireless network and then conducting a (1) brute-force attack or (2) rainbow-table attack.
Published Jul 26, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
AirDroid before 1.0.7 beta uses a cleartext base64 format for data transfer that is documented as an "Encrypted Transmission" feature, which allows remote attackers to obtain sensitive information by sniffing the local wireless network, as demonstrated by the SMS message content sent to the sdctl/sms/send/single/ URI.
Published Jul 26, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
WebKit in Apple Safari before 6.0 does not properly handle file: URLs, which allows remote attackers to bypass intended sandbox restrictions and read arbitrary files by leveraging a WebProcess compromise.
Published Jul 25, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Tridium Niagara AX Framework does not properly store credential data, which allows context-dependent attackers to bypass intended access restrictions by using the stored information for authentication.
Published Jul 16, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Unspecified vulnerability in the WebAdmin Portal in Netsweeper has unknown impact and attack vectors, a different vulnerability than CVE-2012-2446 and CVE-2012-2447.
Published Jul 9, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Site Documentation (Sitedoc) module for Drupal 6.x-1.x before 6.x-1.4 does not properly check the save location when archiving, which allows remote attackers to obtain sensitive information via unspecified vectors.
Published Jul 25, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to obtain sensitive information about full pathnames via a crafted web site.
Published Jul 25, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session.
Published Jul 31, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Apple Safari before 6.0 allows remote attackers to inject arbitrary web script or HTML via a feed:// URL.
Published Jul 25, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
PHP remote file inclusion vulnerability in front/popup.php in GLPI 0.78 through 0.80.61 allows remote authenticated users to execute arbitrary PHP code via a URL in the sub_type parameter.
Published Jul 12, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published Jul 5, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1325.
Published Jul 11, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Stack-based buffer overflow in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 555.
Published Jul 5, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled with a "Sign by default" queue configuration, uses a queue's key for signing, which might allow remote attackers to spoof messages by leveraging the lack of authentication semantics.
Published Jul 24, 2013 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) 95.php, (2) view.php, or (3) rtg.php.
Published Jul 12, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-2355.
Published Jul 19, 2013 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to hijack web sessions via unspecified vectors.
Published Jul 5, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Multiple cross-site request forgery (CSRF) vulnerabilities in Brightmail Control Center in Symantec Message Filter 6.3 allow remote attackers to hijack the authentication of arbitrary users for requests that (1) execute application commands or (2) create admin accounts.
Published Jul 5, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Joomla! 2.5.3 allows remote attackers to obtain the installation path via the Host HTTP Header.
Published Jul 3, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site.
Published Jul 25, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
TikiWiki CMS/Groupware 8.3 and earlier allows remote attackers to obtain the installation path via a direct request to (1) admin/include_calendar.php, (2) tiki-rss_error.php, or (3) tiki-watershed_service.php.
Published Jul 12, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field.
Published Jul 9, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message's origin or interfere with encryption-policy auditing via an e-mail message to a queue's address.
Published Jul 24, 2013 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to trigger false alerts via crafted packets to TCP port 41013 (aka the upload port), a different vulnerability than CVE-2012-2607.
Published Jul 16, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko before 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) groupname parameter in a savecategory in the users module; (2) virtual_filename, (3) branch, (4) contact_person, (5) street, (6) city, (7) province, (8) postal, (9) country, (10) tollfree, (11) phone, (12) fax, or (13) mobile parameter in a saveitem action in the contacts module; (14) title parameter in a savecategory action in the menus module; (15) firstname or (16) lastname in a saveitem action in the users module; (17) meta_key or (18) meta_description in a saveitem action in the blog module; or (19) the PATH_INFO to admin/index.php.
Published Jul 3, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site request forgery (CSRF) vulnerability in accountmgr/adminupdate.php in the WebAdmin Portal in Netsweeper allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via an add action.
Published Jul 9, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The default configuration of AirDroid 1.0.4 beta uses a four-character alphanumeric password, which makes it easier for remote attackers to obtain access via a brute-force attack.
Published Jul 26, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.
Published Jul 9, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in KENT-WEB YY-BOARD before 6.4 allows remote attackers to inject arbitrary web script or HTML via a crafted form entry.
Published Jul 7, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Multiple integer overflows in the (1) chk_malloc, (2) leak_malloc, and (3) leak_memalign functions in libc/bionic/malloc_debug_leak.c in Bionic (libc) for Android, when libc.debug.malloc is set, make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected.
Published Jul 25, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and trigger outbound e-mail messages signed by an arbitrary stored secret key, by leveraging a UI e-mail signing privilege.
Published Jul 24, 2013 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W.
Published Jul 18, 2013 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive, which triggers "improper restrictions of operations within the bounds of a memory buffer" and an information leak.
Published Jul 12, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The Sleipnir Mobile application before 2.1.0 and Sleipnir Mobile Black Edition application before 2.1.0 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application.
Published Jul 25, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in global-protect/login.esp in Palo Alto Networks Global Protect Portal, Global Protect Gateway, and SSL VPN portals 3.1.x through 3.1.11 and 4.0.x through 4.0.5 allows remote attackers to inject arbitrary web script or HTML via the inputStr parameter in a Login action.
Published Jul 26, 2012 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) select0 or (2) select8 parameters.
Published Jul 3, 2012 · Updated Sep 16, 2024
Unknown · CVSS Not scored
ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not properly prompt users before executing embedded VBA macros, which allows user-assisted remote attackers to execute arbitrary VBA code via a crafted map (.mxd) file.
Published Jul 12, 2012 · Updated Sep 16, 2024