|
297071
|
- |
|
cloudera
|
cloudera_manager
cloudera_service_and_configuration_manager
|
Cloudera Manager 3.7.x before 3.7.5 and Service and Configuration Manager 3.5, when Kerberos is not enabled, does not properly install taskcontroller.cfg, which allows remote authenticated users to i…
|
CWE-310
Cryptographic Issues
|
CVE-2012-2230
|
2024-11-21 10:38 |
2012-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297072
|
- |
|
360zip
|
360zip
|
360zip 1.93beta allows remote attackers to execute arbitrary code via vectors related to file browsing and file extraction.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2225
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297073
|
- |
|
xunlei
|
thunder
|
Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a "DLL injection vulnerability."
|
CWE-94
Code Injection
|
CVE-2012-2224
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297074
|
- |
|
novell
|
zenworks_configuration_management
|
The xplat agent in Novell ZENworks Configuration Management (ZCM) 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct c…
|
CWE-200
Information Exposure
|
CVE-2012-2223
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297075
|
- |
|
sony
|
bravia_tv
|
The Sony Bravia TV KDL-32CX525 allows remote attackers to cause a denial of service (configuration outage or device crash) via a flood of TCP SYN packets, as demonstrated by hping, a related issue to…
|
CWE-399
Resource Management Errors
|
CVE-2012-2210
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297076
|
- |
|
plume-cms
|
plume_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Plume CMS 1.2.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the u_email parameter (aka Authors Email field…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2156
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297077
|
- |
|
cmsmadesimple
|
cms_made_simple
|
Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter (aka the Em…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1992
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297078
|
- |
|
novell
|
zenworks_configuration_management
|
Directory traversal vulnerability in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to read arbitrary files via an opcode 0x21 request.
|
CWE-22
Path Traversal
|
CVE-2012-2215
|
2024-11-21 10:38 |
2012-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297079
|
- |
|
phpmyadmin
|
phpmyadmin
|
show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the i…
|
CWE-200
Information Exposure
|
CVE-2012-1902
|
2024-11-21 10:38 |
2012-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297080
|
7.5 |
HIGH
Network
|
github
|
github
|
GitHub Enterprise before 20120304 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the public_key[user_id] value via a mod…
|
CWE-913
Improper Control of Dynamically-Managed Code Resources
|
CVE-2012-2055
|
2024-11-21 10:38 |
2012-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
