|
296021
|
- |
|
google
|
tunnelblick
|
Tunnelblick 3.3beta20 and earlier allows local users to gain privileges via an OpenVPN configuration file that specifies execution of a script upon occurrence of an OpenVPN event.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3486
|
2024-11-21 10:40 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296022
|
- |
|
google
|
tunnelblick
|
Tunnelblick 3.3beta20 and earlier relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via…
|
CWE-20
Improper Input Validation
|
CVE-2012-3485
|
2024-11-21 10:40 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296023
|
- |
|
google
|
tunnelblick
|
Tunnelblick 3.3beta20 and earlier relies on a test for specific ownership and permissions to determine whether a program can be safely executed, which allows local users to bypass intended access res…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3484
|
2024-11-21 10:40 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296024
|
- |
|
google
|
tunnelblick
|
Race condition in the runScript function in Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by replacing a script file.
|
CWE-362
Race Condition
|
CVE-2012-3483
|
2024-11-21 10:40 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296025
|
- |
|
thomas_hunter
|
neoinvoice
|
SQL injection vulnerability in signup_check.php in NeoInvoice allows remote attackers to execute arbitrary SQL commands via the value parameter in a username action.
|
CWE-89
SQL Injection
|
CVE-2012-3477
|
2024-11-21 10:40 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296026
|
- |
|
gimp
|
gimp
|
Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service (applicati…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2012-3481
|
2024-11-21 10:40 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296027
|
- |
|
gnu
|
glibc
|
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users t…
|
CWE-189
Numeric Errors
|
CVE-2012-3480
|
2024-11-21 10:40 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296028
|
- |
|
gnu
|
emacs
|
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remot…
|
NVD-CWE-noinfo
|
CVE-2012-3479
|
2024-11-21 10:40 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296029
|
- |
|
icinga
|
icinga
|
The database creation script (module/idoutils/db/scripts/create_mysqldb.sh) in Icinga 1.7.1 grants access to all databases to the icinga user, which allows icinga users to access other databases via …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3441
|
2024-11-21 10:40 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296030
|
- |
|
condor_project
|
condor
|
Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS h…
|
CWE-287
Improper Authentication
|
CVE-2012-3416
|
2024-11-21 10:40 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
