|
290111
|
- |
|
samba
canonical
|
samba
ubuntu_linux
|
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which all…
|
CWE-20
Improper Input Validation
|
CVE-2012-6150
|
2024-11-21 10:45 |
2013-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290112
|
- |
|
kth
opensuse
|
snack_sound_toolkit
wavesurfer
opensuse
|
Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service (crash…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-6303
|
2024-11-21 10:45 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290113
|
- |
|
oracle
mariadb
|
mysql
mariadb
|
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection wh…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2012-5627
|
2024-11-21 10:45 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290114
|
- |
|
moodle
|
moodle
|
repository/s3/S3.php in the Amazon S3 library in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not verify that the server hostname matches a domain name i…
|
CWE-20
Improper Input Validation
|
CVE-2012-6087
|
2024-11-21 10:45 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290115
|
- |
|
cisco
|
wireless_control_system
prime_network_control_system
|
Multiple cross-site scripting (XSS) vulnerabilities in Health Monitor Login pages in Cisco Prime Network Control System (NCS) and Wireless Control System (WCS) allow remote attackers to inject arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5990
|
2024-11-21 10:45 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290116
|
- |
|
cisco
|
identity_services_engine_software
|
Multiple cross-site scripting (XSS) vulnerabilities in the guest portal in Cisco Identity Services Engine (ISE) Software allow remote attackers to inject arbitrary web script or HTML via unspecified …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5744
|
2024-11-21 10:45 |
2013-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290117
|
- |
|
videolan
|
vlc_media_player
|
The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorre…
|
CWE-189
Numeric Errors
|
CVE-2012-5855
|
2024-11-21 10:45 |
2013-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290118
|
- |
|
ibm
|
sterling_b2b_integrator
sterling_file_gateway
|
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capt…
|
CWE-310
Cryptographic Issues
|
CVE-2012-5936
|
2024-11-21 10:45 |
2013-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290119
|
- |
|
ibm
|
sterling_b2b_integrator
sterling_file_gateway
|
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via vectors …
|
CWE-89
SQL Injection
|
CVE-2012-5766
|
2024-11-21 10:45 |
2013-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290120
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the function menu API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6148
|
2024-11-21 10:45 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
