|
295851
|
- |
|
apache
mochiweb_project
|
couchdb
mochiweb
|
Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows …
|
CWE-22
Path Traversal
|
CVE-2012-5641
|
2024-11-21 10:45 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295852
|
- |
|
imagecms
|
imagecms
|
SQL injection vulnerability in ImageCMS before 4.2 allows remote authenticated administrators to execute arbitrary SQL commands via the q parameter to admin/admin_search/. NOTE: this can be leverage…
|
CWE-89
SQL Injection
|
CVE-2012-6290
|
2024-11-21 10:45 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295853
|
- |
|
hp
|
linux_imaging_and_printing_project
|
HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses world-writable permissions for /var/log/hp and /var/log/hp/tmp, which allows local users to delete log files via standard filesystem operation…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6108
|
2024-11-21 10:45 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295854
|
- |
|
redhat
|
satellite
satellite_5_managed_db
spacewalk-java
|
Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6149
|
2024-11-21 10:45 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295855
|
- |
|
pidgin
|
pidgin
|
The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service (application crash) via crafted byte …
|
CWE-20
Improper Input Validation
|
CVE-2012-6152
|
2024-11-21 10:45 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295856
|
- |
|
zabbix
|
zabbix
|
libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows man-in-the-…
|
CWE-310
Cryptographic Issues
|
CVE-2012-6086
|
2024-11-21 10:45 |
2014-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295857
|
- |
|
apple
canonical
net-snmp
|
mac_os_x
ubuntu_linux
net-snmp
|
Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, …
|
CWE-399
Resource Management Errors
|
CVE-2012-6151
|
2024-11-21 10:45 |
2013-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295858
|
- |
|
samba
canonical
|
samba
ubuntu_linux
|
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which all…
|
CWE-20
Improper Input Validation
|
CVE-2012-6150
|
2024-11-21 10:45 |
2013-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295859
|
- |
|
kth
opensuse
|
snack_sound_toolkit
wavesurfer
opensuse
|
Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service (crash…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-6303
|
2024-11-21 10:45 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295860
|
- |
|
oracle
mariadb
|
mysql
mariadb
|
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection wh…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2012-5627
|
2024-11-21 10:45 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
