|
295161
|
- |
|
moodle
|
moodle
|
mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote authenticated users to obtain the names and other details of arbitrary user accounts by searching for posts.
|
CWE-200
Information Exposure
|
CVE-2012-0792
|
2024-11-21 10:35 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295162
|
9.8 |
CRITICAL
Network
|
tiki
|
tikiwiki_cms\/groupware
|
TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary PHP code via a crafted serialized object in the (1) cookieName to lib/banners/bannerlib.php; (2) prin…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2012-0911
|
2024-11-21 10:35 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295163
|
- |
|
libexpat_project
python
debian
canonical
oracle
redhat
|
libexpat
python
debian_linux
ubuntu_linux
solaris
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_workstation
enterprise_linux_desktop
storage
enter…
|
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a deni…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2012-0876
|
2024-11-21 10:35 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295164
|
- |
|
fedoraproject
|
389_directory_server
|
The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0833
|
2024-11-21 10:35 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295165
|
- |
|
david_paleino
|
wicd
|
Wicd before 1.7.1 saves sensitive information in log files in /var/log/wicd, which allows context-dependent attackers to obtain passwords and other sensitive information.
|
CWE-255
Credentials Management
|
CVE-2012-0813
|
2024-11-21 10:35 |
2012-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295166
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Integration Solution Console in the Administration Console in IBM WebSphere Application Server 7.0 before 7.0.0.23 allows remote attackers to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0720
|
2024-11-21 10:35 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295167
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain SSLv2 configuration with client authentication is used, allows remote attackers to bypass X.509 client-certificate authentication …
|
CWE-287
Improper Authentication
|
CVE-2012-0717
|
2024-11-21 10:35 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295168
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server 7.0 before 7.0.0.23 allows remote attackers to inject arbitrary web script or HTML via unspe…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0716
|
2024-11-21 10:35 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295169
|
- |
|
spamdyke
|
spamdyke
|
Multiple buffer overflows in Spamdyke before 4.3.0 might allow remote attackers to execute arbitrary code via vectors related to "serious errors in the usage of snprintf()/vsnprintf()" in which the r…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0802
|
2024-11-21 10:35 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295170
|
- |
|
apple
|
itunes
|
Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0677
|
2024-11-21 10:35 |
2012-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
