|
292771
|
- |
|
openstack
|
horizon
|
Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a …
|
CWE-20
Improper Input Validation
|
CVE-2012-3540
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292772
|
- |
|
dell
|
crowbar
|
The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands vi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3537
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292773
|
- |
|
uclouvain
|
openjpeg
|
Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3535
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292774
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the Install Tool in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3531
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292775
|
- |
|
typo3
|
typo3
|
Incomplete blacklist vulnerability in the t3lib_div::quoteJSvalue API function in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to conduct cross-site s…
|
NVD-CWE-Other
|
CVE-2012-3530
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292776
|
- |
|
typo3
|
typo3
|
The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified…
|
CWE-200
Information Exposure
|
CVE-2012-3529
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292777
|
- |
|
typo3
|
typo3
|
Multiple cross-site scripting (XSS) vulnerabilities in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allow remote authenticated backend users to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3528
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292778
|
- |
|
typo3
debian
|
typo3
debian_linux
|
view_help.php in the backend help system in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to unserialize arbitrary objects and possib…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2012-3527
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292779
|
- |
|
thomas_eibner
|
mod_rpaf
|
The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For …
|
NVD-CWE-noinfo
|
CVE-2012-3526
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292780
|
- |
|
gnu
canonical
debian
|
binutils
libiberty
ubuntu_linux
debian_linux
|
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to c…
|
CWE-189
Numeric Errors
|
CVE-2012-3509
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
