|
292911
|
- |
|
apache
|
couchdb
|
Cross-site scripting (XSS) vulnerability in the Futon UI in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5650
|
2024-11-21 10:45 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292912
|
- |
|
apache
mochiweb_project
|
couchdb
mochiweb
|
Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows …
|
CWE-22
Path Traversal
|
CVE-2012-5641
|
2024-11-21 10:45 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292913
|
- |
|
imagecms
|
imagecms
|
SQL injection vulnerability in ImageCMS before 4.2 allows remote authenticated administrators to execute arbitrary SQL commands via the q parameter to admin/admin_search/. NOTE: this can be leverage…
|
CWE-89
SQL Injection
|
CVE-2012-6290
|
2024-11-21 10:45 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292914
|
- |
|
hp
|
linux_imaging_and_printing_project
|
HP Linux Imaging and Printing (HPLIP) before 3.13.2 uses world-writable permissions for /var/log/hp and /var/log/hp/tmp, which allows local users to delete log files via standard filesystem operation…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6108
|
2024-11-21 10:45 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292915
|
- |
|
redhat
|
satellite
satellite_5_managed_db
spacewalk-java
|
Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6149
|
2024-11-21 10:45 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292916
|
- |
|
pidgin
|
pidgin
|
The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service (application crash) via crafted byte …
|
CWE-20
Improper Input Validation
|
CVE-2012-6152
|
2024-11-21 10:45 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292917
|
- |
|
zabbix
|
zabbix
|
libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows man-in-the-…
|
CWE-310
Cryptographic Issues
|
CVE-2012-6086
|
2024-11-21 10:45 |
2014-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292918
|
- |
|
apple
canonical
net-snmp
|
mac_os_x
ubuntu_linux
net-snmp
|
Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, …
|
CWE-399
Resource Management Errors
|
CVE-2012-6151
|
2024-11-21 10:45 |
2013-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292919
|
- |
|
samba
canonical
|
samba
ubuntu_linux
|
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which all…
|
CWE-20
Improper Input Validation
|
CVE-2012-6150
|
2024-11-21 10:45 |
2013-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292920
|
- |
|
kth
opensuse
|
snack_sound_toolkit
wavesurfer
opensuse
|
Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service (crash…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-6303
|
2024-11-21 10:45 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
