|
293681
|
5.5 |
MEDIUM
Local
|
imagemagick
debian
canonical
opensuse
|
imagemagick
debian_linux
ubuntu_linux
opensuse
|
Integer overflow in the SyncImageProfiles function in profile.c in ImageMagick 6.7.5-8 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted IOP tag offsets in …
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2012-1186
|
2024-11-21 10:36 |
2012-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293682
|
7.8 |
HIGH
Local
|
imagemagick
debian
canonical
opensuse
|
imagemagick
debian_linux
ubuntu_linux
opensuse
|
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execu…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2012-1185
|
2024-11-21 10:36 |
2012-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293683
|
- |
|
libtiff
|
libtiff
|
Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTile…
|
CWE-189
Numeric Errors
|
CVE-2012-1173
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293684
|
- |
|
sebastian_heinlein
canonical
|
aptdaemon
ubuntu_linux
|
Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via …
|
CWE-287
Improper Authentication
|
CVE-2012-0944
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293685
|
- |
|
segue_project
|
segue
|
SQL injection vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-1255
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293686
|
- |
|
segue_project
|
segue
|
Cross-site scripting (XSS) vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1254
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293687
|
- |
|
opera
|
opera_browser
|
Opera before 9.63 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
|
CWE-310
Cryptographic Issues
|
CVE-2012-1251
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293688
|
- |
|
logitech
|
lan-w300n\/ru2_firmware
|
Logitec LAN-W300N/R routers with firmware before 2.27 do not properly restrict login access, which allows remote attackers to obtain administrative privileges and modify settings via vectors related …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1250
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293689
|
- |
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embed…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1253
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293690
|
- |
|
rssowl
|
rssowl
|
Cross-site scripting (XSS) vulnerability in RSSOwl before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a feed, a different vulnerability than CVE-2006-4760.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1252
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
