|
300851
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain SSLv2 configuration with client authentication is used, allows remote attackers to bypass X.509 client-certificate authentication …
|
CWE-287
Improper Authentication
|
CVE-2012-0717
|
2024-11-21 10:35 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300852
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server 7.0 before 7.0.0.23 allows remote attackers to inject arbitrary web script or HTML via unspe…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0716
|
2024-11-21 10:35 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300853
|
- |
|
spamdyke
|
spamdyke
|
Multiple buffer overflows in Spamdyke before 4.3.0 might allow remote attackers to execute arbitrary code via vectors related to "serious errors in the usage of snprintf()/vsnprintf()" in which the r…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0802
|
2024-11-21 10:35 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300854
|
- |
|
apple
|
itunes
|
Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0677
|
2024-11-21 10:35 |
2012-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300855
|
- |
|
dropbear_ssh_project
debian
|
dropbear_ssh
debian_linux
|
Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary co…
|
CWE-399
Resource Management Errors
|
CVE-2012-0920
|
2024-11-21 10:35 |
2012-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300856
|
- |
|
sqlalchemy
|
sqlalchemy
|
Multiple SQL injection vulnerabilities in SQLAlchemy before 0.7.0b4, as used in Keystone, allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset keyword to the selec…
|
CWE-89
SQL Injection
|
CVE-2012-0805
|
2024-11-21 10:35 |
2012-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300857
|
- |
|
xinetd
|
xinetd
|
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access …
|
CWE-20
Improper Input Validation
|
CVE-2012-0862
|
2024-11-21 10:35 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300858
|
- |
|
rpm
|
rpm
|
The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region o…
|
CWE-189
Numeric Errors
|
CVE-2012-0815
|
2024-11-21 10:35 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300859
|
- |
|
cvs
|
cvs
|
Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0804
|
2024-11-21 10:35 |
2012-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300860
|
5.5 |
MEDIUM
Local
|
linux
canonical
debian
suse
|
linux_kernel
ubuntu_linux
debian_linux
linux_enterprise_server
linux_enterprise_desktop
linux_enterprise_high_availability_extension
|
The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by st…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2012-0879
|
2024-11-21 10:35 |
2012-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
