|
296561
|
- |
|
linux
|
linux_kernel
|
Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service (memory consumption or system crash) via invalid MAP_HUGETLB mmap operations.
|
CWE-399
Resource Management Errors
|
CVE-2012-2390
|
2024-11-21 10:39 |
2012-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296562
|
- |
|
bloxx
|
web_filtering
|
Bloxx Web Filtering before 5.0.14 does not properly interpret X-Forwarded-For headers during access-control and logging operations for HTTPS connection attempts, which allows remote attackers to bypa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2566
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296563
|
- |
|
bloxx
|
web_filtering
|
Bloxx Web Filtering before 5.0.14 does not use a salt during calculation of a password hash, which makes it easier for context-dependent attackers to determine cleartext passwords via a rainbow-table…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2565
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296564
|
- |
|
bloxx
|
web_filtering
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Bloxx Web Filtering before 5.0.14 allow remote attackers to hijack the authentication of administrators f…
|
CWE-352
Origin Validation Error
|
CVE-2012-2564
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296565
|
- |
|
bloxx
|
web_filtering
|
Multiple cross-site scripting (XSS) vulnerabilities in Bloxx Web Filtering before 5.0.14 allow (1) remote attackers to inject arbitrary web script or HTML via web traffic that is examined within the …
|
CWE-79
Cross-site Scripting
|
CVE-2012-2563
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296566
|
- |
|
siemens
|
wincc
|
Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2598
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296567
|
- |
|
siemens
|
wincc
|
Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL.
|
CWE-22
Path Traversal
|
CVE-2012-2597
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296568
|
- |
|
siemens
|
wincc
|
The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to …
|
CWE-94
Code Injection
|
CVE-2012-2596
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296569
|
- |
|
siemens
|
wincc
|
Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors …
|
CWE-79
Cross-site Scripting
|
CVE-2012-2595
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296570
|
- |
|
collabnet
|
scrumworks
|
The server in CollabNet ScrumWorks Pro before 6.0 allows remote authenticated users to gain privileges and obtain sensitive information via a modified desktop client.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2603
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
