|
293361
|
- |
|
apache
|
solr
|
The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaratio…
|
NVD-CWE-noinfo
|
CVE-2012-6612
|
2024-11-21 10:46 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293362
|
- |
|
djvulibre_project
|
djvulibre
|
DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a…
|
CWE-94
Code Injection
|
CVE-2012-6535
|
2024-11-21 10:46 |
2013-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293363
|
- |
|
elastix
|
elastix
|
Cross-site scripting (XSS) vulnerability in xmlservices/E_book.php in Elastix 2.3.0 allows remote attackers to inject arbitrary web script or HTML via the Page parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-6608
|
2024-11-21 10:46 |
2013-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293364
|
- |
|
augeas
|
augeas
|
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup …
|
CWE-22
Path Traversal
|
CVE-2012-6607
|
2024-11-21 10:46 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293365
|
- |
|
microsoft
|
office
|
Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "WPD File Format Memory Corruption Vulnerability."
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0082
|
2024-11-21 10:46 |
2013-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293366
|
- |
|
microsoft
|
sharepoint_services
sharepoint_foundation
sharepoint_server
sharepoint_portal_server
|
Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of…
|
CWE-20
Improper Input Validation
|
CVE-2013-0081
|
2024-11-21 10:46 |
2013-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293367
|
- |
|
paloaltonetworks
|
netconnect
globalprotect
|
Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof portal servers and obtain sensiti…
|
CWE-310
Cryptographic Issues
|
CVE-2012-6606
|
2024-11-21 10:46 |
2013-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293368
|
- |
|
paloaltonetworks
|
pan-os
|
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka…
|
CWE-78
OS Command
|
CVE-2012-6605
|
2024-11-21 10:46 |
2013-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293369
|
- |
|
paloaltonetworks
|
pan-os
|
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka…
|
CWE-78
OS Command
|
CVE-2012-6604
|
2024-11-21 10:46 |
2013-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293370
|
- |
|
paloaltonetworks
|
pan-os
|
The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to bypass authentication and obtain administrator privileges via …
|
CWE-287
Improper Authentication
|
CVE-2012-6603
|
2024-11-21 10:46 |
2013-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
