|
294221
|
- |
|
djangoproject
|
django
|
The get_image_dimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows re…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3444
|
2024-11-21 10:40 |
2012-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294222
|
- |
|
djangoproject
|
django
|
The django.forms.ImageField class in the form system in Django before 1.3.2 and 1.4.x before 1.4.1 completely decompresses image data during image validation, which allows remote attackers to cause a…
|
CWE-20
Improper Input Validation
|
CVE-2012-3443
|
2024-11-21 10:40 |
2012-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294223
|
- |
|
djangoproject
|
django
|
The (1) django.http.HttpResponseRedirect and (2) django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3442
|
2024-11-21 10:40 |
2012-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294224
|
- |
|
openstack
|
essex
keystone
horizon
|
OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass in…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3426
|
2024-11-21 10:40 |
2012-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294225
|
- |
|
iconics
|
genesis32
bizviz
|
The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authen…
|
CWE-310
Cryptographic Issues
|
CVE-2012-3018
|
2024-11-21 10:40 |
2012-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294226
|
- |
|
siemens
|
simatic_s7-400_cpu_firmware
simatic_s7-400_cpu_414-3_pn\/dp
simatic_s7-400_cpu_416-3_pn\/dp
simatic_s7-400_cpu_416f-3_pn\/dp
|
Siemens SIMATIC S7-400 PN CPU devices with firmware 5.x allow remote attackers to cause a denial of service (defect-mode transition and service outage) via (1) malformed HTTP traffic or (2) malformed…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3017
|
2024-11-21 10:40 |
2012-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294227
|
- |
|
siemens
|
simatic_s7-400_cpu_firmware
simatic_s7-400_cpu_412-2_pn
simatic_s7-400_cpu_414-3_pn\/dp
simatic_s7-400_cpu_414f-3_pn\/dp
simatic_s7-400_cpu_416-3_pn\/dp
simatic_s7-400_cpu_416f-3_pn\/dp
|
Siemens SIMATIC S7-400 PN CPU devices with firmware 6 before 6.0.3 allow remote attackers to cause a denial of service (defect-mode transition and service outage) via crafted ICMP packets.
|
NVD-CWE-Other
|
CVE-2012-3016
|
2024-11-21 10:40 |
2012-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294228
|
- |
|
sonicwall
|
scrutinizer
|
SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q p…
|
CWE-89
SQL Injection
|
CVE-2012-2962
|
2024-11-21 10:40 |
2012-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294229
|
- |
|
nlnetlabs
|
nsd
|
query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x before 3.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via a crafted …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2978
|
2024-11-21 10:40 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294230
|
- |
|
siemens
|
simatic_pcs7
simatic_step_7
|
Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse D…
|
NVD-CWE-Other
|
CVE-2012-3015
|
2024-11-21 10:40 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
