CVE-2006-2252

CVE-2006-2252 - Cross-site scripting vulnerability in submit.php in OpenFAQ 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. ...
6 years ago

CVE-2011-2252 - Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-2261. ...
8 years ago

CVE-2011-2261 - Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-2252. ...
8 years ago

CVE-2014-2252 - Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted PROFINET packets, a different vulnerability than CVE-2014-2253. ...
5 years ago

CVE-2005-2252 - PhpAuction 2.5 allows remote attackers to bypass authentication and gain privileges as another user by setting the PHPAUCTION_RM_ID cookie to the user ID. ...
16 years ago

CVE-2011-3685 - Tembria Server Monitor before 6.0.5 Build 2252 uses a substitution cipher to encrypt application credentials, which allows local users to obtain sensitive information by leveraging read access to (1) authentication.dat or (2) XML files in the Exports ...
12 years ago

CVE-2011-3684 - Multiple cross-site scripting (XSS) vulnerabilities in Tembria Server Monitor before 6.0.5 Build 2252 allow remote attackers to inject arbitrary web script or HTML via (1) the siteid parameter to logbook.asp, (2) the siteid parameter to ...
12 years ago

CVE-2010-2252 - GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc ...
8 years ago

CVE-2015-2252 - Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to execute arbitrary code with root privileges via a crafted UDS patch with shell scripts. ...
7 years ago

CVE-2004-2252 - The firewall in Astaro Security Linux before 4.024 sends responses to SYN-FIN packets, which makes it easier for remote attackers to obtain information about the system and construct specialized attacks. ...
1 year ago

CVE-2002-2252 - SQL injection vulnerability in auth.inc.php in Thatware 0.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via a base64-encoded user parameter. ...
7 years ago

CVE-2007-2252 - Directory traversal vulnerability in iconspopup.php in Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to obtain sensitive information via a .. (dot dot) in the icodir parameter. ...
7 years ago

CVE-2012-2252 - Incomplete blacklist vulnerability in rssh before 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via the --rsh command line option. Per: http://cwe.mitre.org/data/definitions/184.html ...
7 years ago

CVE-2017-2252 - Untrusted search path vulnerability in self-extracting archive files created by File Compact Ver.5 version 5.10 and earlier, Ver.6 version 6.02 and earlier, Ver.7 version 7.02 and earlier allows an attacker to gain privileges via a Trojan horse DLL ...
7 years ago

CVE-2019-2252 - Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...
5 years ago

CVE-2008-2252 - The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate parameters sent from user mode to the kernel, which allows local users to gain privileges via a crafted ...
5 years ago

CVE-2021-2252 - Vulnerability in the Oracle Loans product of Oracle E-Business Suite (component: Loan Details, Loan Accounting Events). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with ...
3 years ago

CVE-2022-2252 - Open Redirect in GitHub repository microweber/microweber prior to 1.2.19. ...
2 years ago

CVE-2020-2252 - Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server. ...
1 year ago

CVE-2013-2252 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA ...
55 years ago Tenable.com

CVE-2016-2252 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none ...
55 years ago Tenable.com

CVE-2018-2252 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none ...
55 years ago Tenable.com

CVE-2023-2252 - The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files. ...
1 year ago

CVE-2024-2252 - The Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 3.1.5 due to insufficient input ...
11 months ago Tenable.com

CVE-2024-49903 - In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uaf in dbFreeBits [syzbot reported] ================================================================== BUG: KASAN: slab-use-after-free in __mutex_lock_common ...
4 months ago Tenable.com