|
296801
|
- |
|
debian
|
devotee
|
devotee 0.1 patch 2 uses a 32-bit seed for generating 48-bit random numbers, which makes it easier for remote attackers to obtain the secret monikers via a brute force attack.
|
CWE-200
Information Exposure
|
CVE-2012-2387
|
2024-11-21 10:38 |
2012-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296802
|
- |
|
gnome
|
libsoup
|
libsoup 2.32.2 and earlier does not validate certificates or clear the trust flag when the ssl-ca-file does not exist, which allows remote attackers to bypass authentication by connecting with a SSL …
|
CWE-287
Improper Authentication
|
CVE-2012-2132
|
2024-11-21 10:38 |
2012-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296803
|
- |
|
ibm
|
rational_clearquest
|
Cross-site scripting (XSS) vulnerability in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to inject arbitrary web script or HTML via a workspac…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2205
|
2024-11-21 10:38 |
2012-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296804
|
- |
|
ibm
|
rational_clearquest
|
Cross-site scripting (XSS) vulnerability in the file-upload functionality in the Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 allows remote authenticated users to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2169
|
2024-11-21 10:38 |
2012-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296805
|
- |
|
ibm
|
rational_clearquest
|
IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to obtain sensitive stack-trace information from CM server error messages via an invalid paramete…
|
CWE-200
Information Exposure
|
CVE-2012-2168
|
2024-11-21 10:38 |
2012-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296806
|
- |
|
ibm
|
rational_clearquest
|
IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3, when ClearQuest Authentication is enabled, allows remote authenticated users to read password hashes via a user query.
|
CWE-200
Information Exposure
|
CVE-2012-2165
|
2024-11-21 10:38 |
2012-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296807
|
- |
|
ibm
|
rational_clearquest
|
The Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to bypass intended access restrictions, and use the Site Administration menu to…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2164
|
2024-11-21 10:38 |
2012-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296808
|
- |
|
ibm
|
websphere_mq
|
The Web Gateway component in IBM WebSphere MQ File Transfer Edition 7.0.4 and earlier allows remote authenticated users to read files of arbitrary users via vectors involving a username in a URI, as …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2206
|
2024-11-21 10:38 |
2012-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296809
|
- |
|
oracle
mysql
|
mysql
|
MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2102
|
2024-11-21 10:38 |
2012-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296810
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1908
|
2024-11-21 10:38 |
2012-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
