|
294001
|
- |
|
emc
|
it_operations_intelligence
|
The default configuration of EMC Smarts Network Configuration Manager (NCM) before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact…
|
CWE-287
Improper Authentication
|
CVE-2012-4614
|
2024-11-21 10:43 |
2012-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294002
|
- |
|
emc
|
rsa_adaptive_authentication_on-premise
|
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Adaptive Authentication On-Premise (AAOP) before 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vecto…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4611
|
2024-11-21 10:43 |
2012-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294003
|
- |
|
xen
|
xen
|
The HVMOP_pagetable_dying hypercall in Xen 4.0, 4.1, and 4.2 does not properly check the pagetable state when running on shadow pagetables, which allows a local HVM guest OS to cause a denial of serv…
|
CWE-20
Improper Input Validation
|
CVE-2012-4538
|
2024-11-21 10:43 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294004
|
- |
|
ruby-lang
|
ruby
|
The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4522
|
2024-11-21 10:43 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294005
|
- |
|
tecnick
|
tcexam
|
Multiple cross-site scripting (XSS) vulnerabilities in admin/code/tce_select_users_popup.php in Nicola Asuni TCExam before 11.3.009 allow remote attackers to inject arbitrary web script or HTML via t…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4602
|
2024-11-21 10:43 |
2012-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294006
|
- |
|
tecnick
|
tcexam
|
Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before 11.3.009 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the (1) user_g…
|
CWE-89
SQL Injection
|
CVE-2012-4601
|
2024-11-21 10:43 |
2012-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294007
|
- |
|
xen
|
xen
|
Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments…
|
CWE-399
Resource Management Errors
|
CVE-2012-4539
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294008
|
- |
|
xen
|
xen
|
Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause…
|
CWE-16
Configuration
|
CVE-2012-4537
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294009
|
- |
|
xen
|
xen
|
The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in Xen 2.2 allows local guest OS administrators to cause a denial of service (Xen crash) via a crafted pirq value that triggers an o…
|
NVD-CWE-noinfo
|
CVE-2012-4536
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294010
|
- |
|
xen
|
xen
|
Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inapp…
|
CWE-399
Resource Management Errors
|
CVE-2012-4535
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
