|
294391
|
- |
|
apple
|
safari
|
Apple Safari before 6.0 does not properly handle the autocomplete attribute of a password input element, which allows remote attackers to bypass authentication by leveraging an unattended workstation.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0680
|
2024-11-21 10:35 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294392
|
- |
|
apple
|
safari
|
Apple Safari before 6.0 allows remote attackers to read arbitrary files via a feed:// URL.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0679
|
2024-11-21 10:35 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294393
|
- |
|
apple
|
safari
|
Cross-site scripting (XSS) vulnerability in Apple Safari before 6.0 allows remote attackers to inject arbitrary web script or HTML via a feed:// URL.
|
CWE-79
Cross-site Scripting
|
CVE-2012-0678
|
2024-11-21 10:35 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294394
|
- |
|
postgresql
|
postgresql
|
CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary S…
|
CWE-89
SQL Injection
|
CVE-2012-0868
|
2024-11-21 10:35 |
2012-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294395
|
- |
|
opensuse_project
postgresql
debian
redhat
|
opensuse
postgresql
debian_linux
enterprise_linux_server_aus
enterprise_linux_server_eus
enterprise_linux_hpc_node
enterprise_linux_desktop
enterprise_linux_server
enterprise_…
|
PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof conn…
|
CWE-20
CWE-295
Improper Input Validation
Improper Certificate Validation
|
CVE-2012-0867
|
2024-11-21 10:35 |
2012-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294396
|
- |
|
postgresql
|
postgresql
|
CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0866
|
2024-11-21 10:35 |
2012-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294397
|
- |
|
sun
|
sunos
|
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect availability via unknown vectors related to Kerberos/klist.
|
NVD-CWE-noinfo
|
CVE-2012-0563
|
2024-11-21 10:35 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294398
|
- |
|
oracle
mariadb
redhat
|
mysql
mariadb
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_eus
|
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
|
NVD-CWE-noinfo
|
CVE-2012-0540
|
2024-11-21 10:35 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294399
|
- |
|
moodle
|
moodle
|
lib/formslib.php in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 does not properly handle multiple instances of a form element, which has unspecified impact and remote attack vectors.
|
CWE-20
Improper Input Validation
|
CVE-2012-0801
|
2024-11-21 10:35 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294400
|
- |
|
moodle
|
moodle
|
The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 makes it easier for physically proximate attackers to discover passwords by reading the …
|
CWE-200
Information Exposure
|
CVE-2012-0800
|
2024-11-21 10:35 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
