|
297991
|
- |
|
redhat
|
cloudforms
|
proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users'…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5603
|
2024-11-21 10:44 |
2013-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297992
|
- |
|
libtiff
|
libtiff
|
Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5581
|
2024-11-21 10:44 |
2013-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297993
|
- |
|
redhat
|
enterprise_virtualization_manager
|
Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when moving disks between storage domains, does not properly wipe-after-delete, which prevents disks from being securely deleted and mig…
|
CWE-200
Information Exposure
|
CVE-2012-5516
|
2024-11-21 10:44 |
2013-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297994
|
- |
|
torproject
|
tor
|
The connection_edge_process_relay_cell function in or/relay.c in Tor before 0.2.3.25 maintains circuits even if an unexpected SENDME cell arrives, which might allow remote attackers to cause a denial…
|
CWE-399
Resource Management Errors
|
CVE-2012-5573
|
2024-11-21 10:44 |
2013-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297995
|
- |
|
cisco
|
skinny_client_control_protocol_software
unified_ip_phone
unified_ip_phone_7906g
|
The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 series devices (aka TNP phones) with software before 9.3.1-ES10 does not properly validate unspecified system calls, which allows …
|
CWE-20
Improper Input Validation
|
CVE-2012-5445
|
2024-11-21 10:44 |
2012-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297996
|
- |
|
linux
|
linux_kernel
|
The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application…
|
NVD-CWE-noinfo
|
CVE-2012-5532
|
2024-11-21 10:44 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297997
|
- |
|
openstack
|
grizzly
folsom
|
OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which a…
|
CWE-200
Information Exposure
|
CVE-2012-5625
|
2024-11-21 10:44 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297998
|
- |
|
openstack
|
keystone
|
tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows loca…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5483
|
2024-11-21 10:44 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297999
|
- |
|
citrix
|
xenapp
|
The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2012-5161
|
2024-11-21 10:44 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298000
|
- |
|
catalin_florian_radut
|
zeropoint
|
Cross-site scripting (XSS) vulnerability in the Zero Point module 6.x-1.x before 6.x-1.18 and 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via the …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5591
|
2024-11-21 10:44 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
