|
292791
|
- |
|
ruby-lang
|
ruby
|
The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4522
|
2024-11-21 10:43 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292792
|
- |
|
tecnick
|
tcexam
|
Multiple cross-site scripting (XSS) vulnerabilities in admin/code/tce_select_users_popup.php in Nicola Asuni TCExam before 11.3.009 allow remote attackers to inject arbitrary web script or HTML via t…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4602
|
2024-11-21 10:43 |
2012-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292793
|
- |
|
tecnick
|
tcexam
|
Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before 11.3.009 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the (1) user_g…
|
CWE-89
SQL Injection
|
CVE-2012-4601
|
2024-11-21 10:43 |
2012-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292794
|
- |
|
xen
|
xen
|
Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments…
|
CWE-399
Resource Management Errors
|
CVE-2012-4539
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292795
|
- |
|
xen
|
xen
|
Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause…
|
CWE-16
Configuration
|
CVE-2012-4537
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292796
|
- |
|
xen
|
xen
|
The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in Xen 2.2 allows local guest OS administrators to cause a denial of service (Xen crash) via a crafted pirq value that triggers an o…
|
NVD-CWE-noinfo
|
CVE-2012-4536
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292797
|
- |
|
xen
|
xen
|
Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inapp…
|
CWE-399
Resource Management Errors
|
CVE-2012-4535
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292798
|
- |
|
mcrypt
|
mcrypt
|
Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name. NOTE: it …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4527
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292799
|
- |
|
uninett
|
radsecproxy
|
The DTLS support in radsecproxy before 1.6.2 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the ce…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4566
|
2024-11-21 10:43 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292800
|
- |
|
google
|
web_toolkit
|
Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) 2.4 Beta and release candidates before 2.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vector…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4563
|
2024-11-21 10:43 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
