|
296131
|
- |
|
apple
|
safari
|
Cross-site scripting (XSS) vulnerability in Apple Safari before 6.0 allows remote attackers to inject arbitrary web script or HTML via a feed:// URL.
|
CWE-79
Cross-site Scripting
|
CVE-2012-0678
|
2024-11-21 10:35 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296132
|
- |
|
postgresql
|
postgresql
|
CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary S…
|
CWE-89
SQL Injection
|
CVE-2012-0868
|
2024-11-21 10:35 |
2012-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296133
|
- |
|
opensuse_project
postgresql
debian
redhat
|
opensuse
postgresql
debian_linux
enterprise_linux_server_aus
enterprise_linux_server_eus
enterprise_linux_hpc_node
enterprise_linux_desktop
enterprise_linux_server
enterprise_…
|
PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof conn…
|
CWE-20
CWE-295
Improper Input Validation
Improper Certificate Validation
|
CVE-2012-0867
|
2024-11-21 10:35 |
2012-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296134
|
- |
|
postgresql
|
postgresql
|
CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0866
|
2024-11-21 10:35 |
2012-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296135
|
- |
|
sun
|
sunos
|
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect availability via unknown vectors related to Kerberos/klist.
|
NVD-CWE-noinfo
|
CVE-2012-0563
|
2024-11-21 10:35 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296136
|
- |
|
oracle
mariadb
redhat
|
mysql
mariadb
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_eus
|
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
|
NVD-CWE-noinfo
|
CVE-2012-0540
|
2024-11-21 10:35 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296137
|
- |
|
moodle
|
moodle
|
lib/formslib.php in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 does not properly handle multiple instances of a form element, which has unspecified impact and remote attack vectors.
|
CWE-20
Improper Input Validation
|
CVE-2012-0801
|
2024-11-21 10:35 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296138
|
- |
|
moodle
|
moodle
|
The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 makes it easier for physically proximate attackers to discover passwords by reading the …
|
CWE-200
Information Exposure
|
CVE-2012-0800
|
2024-11-21 10:35 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296139
|
- |
|
moodle
|
moodle
|
Moodle 2.0.x before 2.0.7 and 2.1.x before 2.1.4, when an anonymous front-page forum is enabled, allows remote attackers to obtain session keys for their sessions by visiting the front page.
|
CWE-200
Information Exposure
|
CVE-2012-0799
|
2024-11-21 10:35 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296140
|
- |
|
moodle
|
moodle
|
The self-enrolment functionality in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 allows remote authenticated users to obtain the manager role by leveraging the teacher role.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0798
|
2024-11-21 10:35 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
