|
296351
|
- |
|
testlink
|
testlink
|
Multiple SQL injection vulnerabilities in TestLink 1.8.5b and earlier allow remote authenticated users with the Requirement view permission to execute arbitrary SQL commands via the req_spec_id param…
|
CWE-89
SQL Injection
|
CVE-2012-0939
|
2024-11-21 10:36 |
2014-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296352
|
- |
|
testlink
|
testlink
|
Multiple SQL injection vulnerabilities in TestLink 1.9.3, 1.8.5b, and earlier allow remote authenticated users with certain permissions to execute arbitrary SQL commands via the root_node parameter i…
|
CWE-89
SQL Injection
|
CVE-2012-0938
|
2024-11-21 10:36 |
2014-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296353
|
- |
|
robert_ancell
canonical
|
lightdm
ubuntu_linux
|
debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0943
|
2024-11-21 10:36 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296354
|
- |
|
canonical
|
ltsp_display_manager
ubuntu_linux
|
The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding, which launches a terminal window.
|
CWE-78
OS Command
|
CVE-2012-1166
|
2024-11-21 10:36 |
2014-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296355
|
- |
|
cisco
|
ios
asr_1001
asr_1002
asr_1002-x
asr_1002_fixed_router
asr_1004
asr_1006
asr_1013
asr_1023_router
asr_9000_rsp440_router
|
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted …
|
CWE-20
Improper Input Validation
|
CVE-2012-1366
|
2024-11-21 10:36 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296356
|
- |
|
cisco
|
ios
|
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1317
|
2024-11-21 10:36 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296357
|
- |
|
php
|
php
|
The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use o…
|
CWE-200
Information Exposure
|
CVE-2012-1171
|
2024-11-21 10:36 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296358
|
- |
|
iproute2_project
|
iproute2
|
iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by (1) configure or (2) examples/dhcp-client-script.
|
CWE-59
Link Following
|
CVE-2012-1088
|
2024-11-21 10:36 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296359
|
- |
|
redhat
|
jboss_operations_network
|
Red Hat JBoss Operations Network (JON) 3.0.x before 3.0.1, 2.4.2, and earlier, when LDAP authentication is enabled and the LDAP bind account credentials are invalid, allows remote attackers to login …
|
CWE-287
Improper Authentication
|
CVE-2012-1100
|
2024-11-21 10:36 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296360
|
- |
|
opensuse
|
opensuse
osc
|
osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1095
|
2024-11-21 10:36 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
