|
294011
|
- |
|
mcrypt
|
mcrypt
|
Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name. NOTE: it …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4527
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294012
|
- |
|
uninett
|
radsecproxy
|
The DTLS support in radsecproxy before 1.6.2 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the ce…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4566
|
2024-11-21 10:43 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294013
|
- |
|
google
|
web_toolkit
|
Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) 2.4 Beta and release candidates before 2.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vector…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4563
|
2024-11-21 10:43 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294014
|
- |
|
uninett
|
radsecproxy
|
radsecproxy before 1.6.1 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, whi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4523
|
2024-11-21 10:43 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294015
|
- |
|
cups-pk-helper_project
|
cups-pk-helper
|
cups-pk-helper before 0.2.3 does not properly wrap the (1) cupsGetFile and (2) cupsPutFile function calls, which allows user-assisted remote attackers to read or overwrite sensitive files using CUPS …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4510
|
2024-11-21 10:43 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294016
|
- |
|
matomo
|
matomo
|
Cross-site scripting (XSS) vulnerability in Piwik before 1.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4541
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294017
|
- |
|
viewvc
debian
|
viewvc
debian_linux
|
Cross-site scripting (XSS) vulnerability in the "extra" details in the DiffSource._get_row function in lib/viewvc.py in ViewVC 1.0.x before 1.0.13 and 1.1.x before 1.1.16 allows remote authenticated …
|
CWE-79
Cross-site Scripting
|
CVE-2012-4533
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294018
|
- |
|
steve_j_baker
|
plib
|
Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4552
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294019
|
- |
|
djangoproject
|
django
|
The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 allows remote attackers to generate and display arbitrary URLs via crafted username and password Host…
|
CWE-20
Improper Input Validation
|
CVE-2012-4520
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294020
|
- |
|
patterninsight
|
pattern_insight
|
Cross-site scripting (XSS) vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters t…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4950
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
