|
294411
|
- |
|
fedoraproject
|
389_directory_server
|
The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handle access control instructions (ACIs) that use certificate groups,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0833
|
2024-11-21 10:35 |
2012-07-4 |
|
|
|
|
294412
|
- |
|
david_paleino
|
wicd
|
Wicd before 1.7.1 saves sensitive information in log files in /var/log/wicd, which allows context-dependent attackers to obtain passwords and other sensitive information.
|
CWE-255
Credentials Management
|
CVE-2012-0813
|
2024-11-21 10:35 |
2012-06-30 |
|
|
|
|
294413
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Integration Solution Console in the Administration Console in IBM WebSphere Application Server 7.0 before 7.0.0.23 allows remote attackers to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0720
|
2024-11-21 10:35 |
2012-06-20 |
|
|
|
|
294414
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain SSLv2 configuration with client authentication is used, allows remote attackers to bypass X.509 client-certificate authentication …
|
CWE-287
Improper Authentication
|
CVE-2012-0717
|
2024-11-21 10:35 |
2012-06-20 |
|
|
|
|
294415
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server 7.0 before 7.0.0.23 allows remote attackers to inject arbitrary web script or HTML via unspe…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0716
|
2024-11-21 10:35 |
2012-06-20 |
|
|
|
|
294416
|
- |
|
spamdyke
|
spamdyke
|
Multiple buffer overflows in Spamdyke before 4.3.0 might allow remote attackers to execute arbitrary code via vectors related to "serious errors in the usage of snprintf()/vsnprintf()" in which the r…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0802
|
2024-11-21 10:35 |
2012-06-20 |
|
|
|
|
294417
|
- |
|
apple
|
itunes
|
Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0677
|
2024-11-21 10:35 |
2012-06-12 |
|
|
|
|
294418
|
- |
|
dropbear_ssh_project debian
|
dropbear_ssh debian_linux
|
Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary co…
|
CWE-399
Resource Management Errors
|
CVE-2012-0920
|
2024-11-21 10:35 |
2012-06-6 |
|
|
|
|
294419
|
- |
|
sqlalchemy
|
sqlalchemy
|
Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the selec…
|
CWE-89
SQL Injection
|
CVE-2012-0805
|
2024-11-21 10:35 |
2012-06-6 |
|
|
|
|
294420
|
- |
|
xinetd
|
xinetd
|
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access …
|
CWE-20
Improper Input Validation
|
CVE-2012-0862
|
2024-11-21 10:35 |
2012-06-5 |
|
|
|