|
294921
|
- |
|
wordpress
|
wordpress
|
The map_meta_cap function in wp-includes/capabilities.php in WordPress 3.4.x before 3.4.2, when the multisite feature is enabled, does not properly assign the unfiltered_html capability, which allows…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3383
|
2024-11-21 10:40 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294922
|
- |
|
openstack
|
essex
folsom
diablo
|
virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3361
|
2024-11-21 10:40 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294923
|
- |
|
openstack
|
essex
folsom
|
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to wr…
|
CWE-22
Path Traversal
|
CVE-2012-3360
|
2024-11-21 10:40 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294924
|
- |
|
viewvc
|
viewvc
|
The SVN revision view (lib/vclib/svn/svn_repos.py) in ViewVC before 1.1.15 does not properly handle log messages when a readable path is copied from an unreadable path, which allows remote attackers …
|
CWE-200
Information Exposure
|
CVE-2012-3357
|
2024-11-21 10:40 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294925
|
- |
|
viewvc
|
viewvc
|
The remote SVN views functionality (lib/vclib/svn/svn_ra.py) in ViewVC before 1.1.15 does not properly perform authorization, which allows remote attackers to bypass intended access restrictions via …
|
CWE-287
Improper Authentication
|
CVE-2012-3356
|
2024-11-21 10:40 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294926
|
- |
|
php
|
php
|
The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3365
|
2024-11-21 10:40 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294927
|
- |
|
osisoft
|
pi_opc_da_interface
|
Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associa…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3008
|
2024-11-21 10:40 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294928
|
- |
|
ibm
|
proventia_network_mail_security_system_firmware
proventia_network_mail_security_system
lotus_protector_for_mail_security
|
Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security …
|
CWE-79
Cross-site Scripting
|
CVE-2012-2955
|
2024-11-21 10:40 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294929
|
- |
|
smc
|
smc8024l2_switch
|
The web interface on the SMC SMC8024L2 switch allows remote attackers to bypass authentication and obtain administrative access via a direct request to a .html file under (1) status/, (2) system/, (3…
|
CWE-287
Improper Authentication
|
CVE-2012-2974
|
2024-11-21 10:40 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294930
|
- |
|
uclouvain
|
openjpeg
|
Multiple heap-based buffer overflows in the j2k_read_sot function in j2k.c in OpenJPEG 1.5 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3358
|
2024-11-21 10:40 |
2012-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
