|
294011
|
- |
|
intelliants
|
subrion_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) admin/accounts/, (2) admin/ma…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4771
|
2024-11-21 10:43 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294012
|
- |
|
openfabrics
|
ibacm
|
ibacm 1.0.7 creates files with world-writable permissions, which allows local users to overwrite the ib_acm daemon log or ibacm.port file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4518
|
2024-11-21 10:43 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294013
|
- |
|
openfabrics
|
ibacm
|
ibacm before 1.0.6 does not properly manage reference counts for multicast connections, which allows remote attackers to cause a denial of service (ibacm service crash) via a crafted join response.
|
CWE-399
Resource Management Errors
|
CVE-2012-4517
|
2024-11-21 10:43 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294014
|
- |
|
openfabrics
|
librdmacm
|
librdmacm 1.0.16, when ibacm.port is not specified, connects to port 6125, which allows remote attackers to specify the address resolution information for the application via a malicious ib_acm servi…
|
NVD-CWE-Other
|
CVE-2012-4516
|
2024-11-21 10:43 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294015
|
- |
|
gnome
|
libsocialweb
|
services/flickr/flickr.c in libsocialweb before 0.25.21 automatically connects to Flickr when no Flickr account is set, which might allow remote attackers to obtain sensitive information via a man-in…
|
CWE-200
Information Exposure
|
CVE-2012-4511
|
2024-11-21 10:43 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294016
|
- |
|
claws-mail
|
claws-mail
|
The strchr function in procmime.c in Claws Mail (aka claws-mail) 3.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted email.
|
NVD-CWE-Other
|
CVE-2012-4507
|
2024-11-21 10:43 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294017
|
- |
|
sitaram_chamarty
gitolite
|
gitolite
|
Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories …
|
CWE-22
Path Traversal
|
CVE-2012-4506
|
2024-11-21 10:43 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294018
|
- |
|
otrs
|
otrs
|
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.15, 3.0.x before 3.0.17, and 3.1.x before 3.1.11 allows remote attackers to inject arbitrary w…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4751
|
2024-11-21 10:43 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294019
|
- |
|
novell
|
zenworks_asset_management
|
The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (…
|
CWE-255
Credentials Management
|
CVE-2012-4933
|
2024-11-21 10:43 |
2012-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294020
|
- |
|
ibm
|
aix
vios
|
The FTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly manage privileges in an RBAC environment, which allows attackers to bypass intended file-read restrictions by le…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4845
|
2024-11-21 10:43 |
2012-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
