|
293691
|
- |
|
puppet
puppetlabs
|
puppet
puppet_enterprise
puppet_enterprise_users
|
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with an authorized SSL key and ce…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1986
|
2024-11-21 10:38 |
2012-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293692
|
- |
|
puppet
puppetlabs
|
puppet
puppet_enterprise
puppet_enterprise_users
|
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1906
|
2024-11-21 10:38 |
2012-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293693
|
- |
|
puppet
puppetlabs
|
puppet
puppet_enterprise
puppet_enterprise_users
|
Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with…
|
NVD-CWE-noinfo
|
CVE-2012-1987
|
2024-11-21 10:38 |
2012-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293694
|
- |
|
sitracker
|
support_incident_tracker
|
Cross-site scripting (XSS) vulnerability in Support Incident Tracker (SiT!) 3.65 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter to index.php, which is…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2235
|
2024-11-21 10:38 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293695
|
- |
|
ibm
|
lotus_quickr
|
Multiple stack-based buffer overflows in a certain ActiveX control in qp2.cab in IBM Lotus Quickr 8.2 before 8.2.0.27-002a for Domino allow remote attackers to execute arbitrary code via a long argum…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2176
|
2024-11-21 10:38 |
2012-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293696
|
- |
|
adobe
|
illustrator
illustrator_cs5.5
|
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-201…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2042
|
2024-11-21 10:38 |
2012-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293697
|
- |
|
tornadoweb
|
tornado
|
CRLF injection vulnerability in the tornado.web.RequestHandler.set_header function in Tornado before 2.2.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting…
|
CWE-20
Improper Input Validation
|
CVE-2012-2374
|
2024-11-21 10:38 |
2012-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293698
|
- |
|
cypherpunks
|
pidgin-otr
|
Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbi…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2012-2369
|
2024-11-21 10:38 |
2012-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293699
|
- |
|
schneider-electric
|
kerweb
kerwin
|
Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the evtvari…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1990
|
2024-11-21 10:38 |
2012-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293700
|
- |
|
geoff_davies
|
contact_forms
|
The Contact Forms module 7.x-1.x before 7.x-1.2 for Drupal does not specify sufficiently restrictive permissions, which allows remote authenticated users with the "access the site-wide contact form" …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2340
|
2024-11-21 10:38 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
