|
294241
|
- |
|
david_alkire
|
drag_\&_drop_gallery
|
Unrestricted file upload vulnerability in upload.php in the Drag & Drop Gallery module 6.x-1.5 and earlier for Drupal allows remote attackers to execute arbitrary PHP code by uploading a file with an…
|
NVD-CWE-Other
|
CVE-2012-4472
|
2024-11-21 10:42 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294242
|
- |
|
dominique_clause
|
search_autocomplete
|
The Search Autocomplete module 7.x-2.x before 7.x-2.4 for Drupal does not properly restrict access to the module admin page, which allows remote attackers to disable an autocompletion or change the p…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4471
|
2024-11-21 10:42 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294243
|
- |
|
philip_ludlam
|
listhandler
|
The Listhandler module 6.x-1.x before 6.x-1.1 for Drupal does not properly check permissions when importing emails, which allows remote comment authors to bypass access restrictions and possibly have…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4470
|
2024-11-21 10:42 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294244
|
- |
|
simon_rycroft
|
hashcash
|
Cross-site scripting (XSS) vulnerability in the Hashcash module 6.x-2.x before 6.x-2.6 and 7.x-2.x before 7.x-2.2 for Drupal, when "Log failed hashcash" is enabled, allows remote attackers to inject …
|
CWE-79
Cross-site Scripting
|
CVE-2012-4469
|
2024-11-21 10:42 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294245
|
- |
|
privatemsg_project
|
privatemsg
|
Cross-site scripting (XSS) vulnerability in the Privatemsg module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via a user name in a private message.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4468
|
2024-11-21 10:42 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294246
|
- |
|
google
|
android
|
drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center (QuIC) Graphics KGSL kernel-mode driver for Android 2.3 through 4.2 allows attackers to cause a denial of service (NULL pointer dereference) v…
|
CWE-20
Improper Input Validation
|
CVE-2012-4222
|
2024-11-21 10:42 |
2012-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294247
|
- |
|
google
|
android
|
Integer overflow in diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause …
|
CWE-189
Numeric Errors
|
CVE-2012-4221
|
2024-11-21 10:42 |
2012-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294248
|
- |
|
google
|
android
|
diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service …
|
NVD-CWE-noinfo
|
CVE-2012-4220
|
2024-11-21 10:42 |
2012-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294249
|
- |
|
xen
|
xen
|
The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-099…
|
CWE-200
Information Exposure
|
CVE-2012-4411
|
2024-11-21 10:42 |
2012-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294250
|
- |
|
mcrypt
|
mcrypt
|
Multiple format string vulnerabilities in mcrypt 2.6.8 and earlier might allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via vectors invol…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2012-4426
|
2024-11-21 10:42 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
