|
296841
|
- |
|
python
canonical
debian
|
python
ubuntu_linux
debian_linux
|
The utf-16 decoder in Python 3.1 through 3.3 does not update the aligned_end variable after calling the unicode_decode_call_errorhandler function, which allows remote attackers to obtain sensitive in…
|
NVD-CWE-Other
|
CVE-2012-2135
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296842
|
- |
|
larry_garfield
|
autosave
|
Cross-site request forgery (CSRF) vulnerability in the Autosave module 6.x before 6.x-2.10 and 7.x-2.x before 7.x-2.0 for Drupal allows remote attackers to hijack the authentication of arbitrary user…
|
CWE-352
Origin Validation Error
|
CVE-2012-2097
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296843
|
- |
|
lullabot
|
fivestar_module_for_drupal
|
The Fivestar module 6.x-1.x before 6.x-1.20 for Drupal does not properly validate voting data, which allows remote attackers to manipulate voting averages via a negative value in the vote parameter.
|
CWE-20
Improper Input Validation
|
CVE-2012-2096
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296844
|
- |
|
s9y
|
serendipity
|
SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. …
|
CWE-89
SQL Injection
|
CVE-2012-2332
|
2024-11-21 10:38 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296845
|
- |
|
s9y
|
serendipity
|
Cross-site scripting (XSS) vulnerability in serendipity/serendipity_admin_image_selector.php in Serendipity before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the serendi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2331
|
2024-11-21 10:38 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296846
|
- |
|
nodejs
|
nodejs
|
The Update method in src/node_http_parser.cc in Node.js before 0.6.17 and 0.7 before 0.7.8 does not properly check the length of a string, which allows remote attackers to obtain sensitive informatio…
|
CWE-20
Improper Input Validation
|
CVE-2012-2330
|
2024-11-21 10:38 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296847
|
- |
|
pivotx
|
pivotx
|
Cross-site scripting (XSS) vulnerability in pivotx/ajaxhelper.php in PivotX 2.3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the file parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2274
|
2024-11-21 10:38 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296848
|
- |
|
mnt-tech
|
wp-facethumb
|
Cross-site scripting (XSS) vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pagination_wp_facethumb param…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2371
|
2024-11-21 10:38 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296849
|
- |
|
gnome
|
gdk-pixbuf
|
Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) hei…
|
CWE-189
Numeric Errors
|
CVE-2012-2370
|
2024-11-21 10:38 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296850
|
- |
|
bytemark
|
symbiosis
|
Bytemark Symbiosis before Revision 1322 does not properly validate passwords, which allows remote attackers to gain access to email accounts via an arbitrary password.
|
CWE-20
Improper Input Validation
|
CVE-2012-2368
|
2024-11-21 10:38 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
