|
295691
|
- |
|
eucalyptus
|
eucalyptus
|
The Walrus service in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 allows remote attackers to gain administrator privileges via a crafted REST request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3240
|
2024-11-21 10:40 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295692
|
- |
|
mono
|
mono
|
Cross-site scripting (XSS) vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3382
|
2024-11-21 10:40 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295693
|
- |
|
videolan
|
vlc_media_player
|
Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (ap…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3377
|
2024-11-21 10:40 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295694
|
- |
|
valarsoft
|
webmatic
|
SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
|
CWE-89
SQL Injection
|
CVE-2012-3350
|
2024-11-21 10:40 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295695
|
- |
|
gimp
|
gimp
|
fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated us…
|
CWE-476
NULL Pointer Dereference
|
CVE-2012-3236
|
2024-11-21 10:40 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295696
|
- |
|
extplorer
|
extplorer
|
Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of administrators for requests that add an administrator account …
|
CWE-352
Origin Validation Error
|
CVE-2012-3362
|
2024-11-21 10:40 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295697
|
- |
|
artis.imag
|
basilic
|
Config/diff.php in Basilic 1.5.14 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter.
|
CWE-20
Improper Input Validation
|
CVE-2012-3399
|
2024-11-21 10:40 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295698
|
- |
|
apache
|
hadoop
|
DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow …
|
CWE-310
Cryptographic Issues
|
CVE-2012-3376
|
2024-11-21 10:40 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295699
|
- |
|
cisco
|
telepresence_recording_server
|
The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Bug ID CSCth85804.
|
CWE-78
OS Command
|
CVE-2012-3076
|
2024-11-21 10:40 |
2012-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295700
|
- |
|
cisco
|
telepresence_system_software
telepresence_system_1300_65
telepresence_system_3000
telepresence_system_3010
telepresence_system_3200
telepresence_system_3210
telepresence_system_t3
The administrative web interface on Cisco TelePresence Immersive Endpoint Devices before 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443,…
|
CWE-78
OS Command
|
CVE-2012-3075
|
2024-11-21 10:40 |
2012-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
