|
296141
|
- |
|
drupal
|
drupal
|
Drupal 6.x before 6.27 allows remote attackers to obtain sensitive information about uploaded files via a (1) RSS feed or (2) search result.
|
CWE-200
Information Exposure
|
CVE-2012-5652
|
2024-11-21 10:45 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296142
|
- |
|
drupal
|
drupal
|
Drupal 6.x before 6.27 and 7.x before 7.18 displays information for blocked users, which might allow remote attackers to obtain sensitive information by reading the search results.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5651
|
2024-11-21 10:45 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296143
|
- |
|
ircd-ratbox
ratbox
|
ircd-ratbox
|
modules/m_capab.c in (1) ircd-ratbox before 3.0.8 and (2) Charybdis before 3.4.2 does not properly support capability negotiation during server handshakes, which allows remote attackers to cause a de…
|
NVD-CWE-Other
|
CVE-2012-6084
|
2024-11-21 10:45 |
2013-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296144
|
- |
|
ibm
|
spss_modeler
|
IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (C…
|
NVD-CWE-Other
|
CVE-2012-5769
|
2024-11-21 10:45 |
2013-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296145
|
- |
|
fail2ban
|
fail2ban
|
server/action.py in Fail2ban before 0.8.8 does not properly handle the content of the matches tag, which might allow remote attackers to trigger unsafe behavior in a custom action file via unspecifie…
|
NVD-CWE-noinfo
|
CVE-2012-5642
|
2024-11-21 10:45 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296146
|
- |
|
wordpress
|
wordpress
|
WordPress 3.4.2 does not invalidate a wordpress_sec session cookie upon an administrator's logout action, which makes it easier for remote attackers to discover valid session identifiers via a brute-…
|
CWE-200
Information Exposure
|
CVE-2012-5868
|
2024-11-21 10:45 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296147
|
- |
|
ca
|
identityminder
|
Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to bypass intended access restrictions via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2012-6299
|
2024-11-21 10:45 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296148
|
- |
|
ca
|
identityminder
|
Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to execute arbitrary commands or modify data via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2012-6298
|
2024-11-21 10:45 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296149
|
- |
|
ibm
|
tivoli_netview
|
Unspecified vulnerability in IBM Tivoli NetView 1.4, 5.1 through 5.4, and 6.1 on z/OS allows local users to gain privileges by leveraging access to the normal Unix System Services (USS) security leve…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5951
|
2024-11-21 10:45 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296150
|
- |
|
microfocus
|
privileged_user_manager
|
Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code…
|
CWE-94
Code Injection
|
CVE-2012-5932
|
2024-11-21 10:45 |
2012-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
