Unspecified vulnerability in HP System Management Homepage (SMH) before 7.0 allows remote authenticated users to cause a denial of service via unknown vectors. Date published : 2012-04-18 http://www.securityfocus.com/archive/1/522374 http://www.securityfocus.com/archive/1/522374
Google SketchUp before 8 does not properly handle edge geometry in SketchUp (aka .SKP) files, which allows remote attackers to execute arbitrary code via a crafted file. Date published : 2012-04-17 http://support.google.com/sketchup/bin/static.py?hl=en&page=release_notes.cs&rd=1 http://technet.microsoft.com/en-us/security/msvr/msvr11-006
Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite)...
Cross-site scripting (XSS) vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the email parameter (aka Email address field) in an edit_user configuration...
VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools...
Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request. Date published...
master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service (unhandled exception and daemon crash) via a crafted...
master.exe in the SNMP Master Agent in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to cause a denial of service (daemon crash) by establishing and closing a port-705...
Cross-site request forgery (CSRF) vulnerability in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to hijack the authentication of administrators for requests that cause a denial of service (stack...
Multiple cross-site scripting (XSS) vulnerabilities in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2012-04-16 http://www.securityfocus.com/bid/52929...
RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x store passwords in cleartext under adm_b_dbusers, which allows local users to obtain sensitive information by reading a database. Date published : 2012-04-16 http://www.securityfocus.com/bid/52929 http://archives.neohapsis.com/archives/bugtraq/2012-04/0062.html
GRScript18.dll before 1.2.2.0 in ActiveScriptRuby (ASR) before 1.8.7 does not properly restrict interaction with an Internet Explorer ActiveX environment, which allows remote attackers to execute arbitrary Ruby code via a crafted HTML document. Date...
Cross-site scripting (XSS) vulnerability in the RECRUIT Dokodemo Rikunabi 2013 extension before 1.0.1 for Google Chrome allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2012-04-16 http://www.securityfocus.com/bid/53008...
Buffer overflow in rn5auth.dll in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to execute arbitrary code via crafted authentication credentials. Date published : 2012-04-16 http://www.securityfocus.com/bid/52929 http://helixproducts.real.com/docs/security/SecurityUpdate04022012HS.pdf