|
292011
|
- |
|
php
|
php
|
Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash)…
|
CWE-189
Numeric Errors
|
CVE-2012-2386
|
2024-11-21 10:38 |
2012-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292012
|
- |
|
hp
|
network_node_manager_i
|
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 8.x, 9.0x, and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2018
|
2024-11-21 10:38 |
2012-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292013
|
- |
|
rsa
|
access_manager_server
access_manager_agent
|
EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access Manager Agent do not properly validate session tokens after a logout, which might allow remote attackers to conduct replay attacks via …
|
CWE-287
Improper Authentication
|
CVE-2012-2281
|
2024-11-21 10:38 |
2012-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292014
|
- |
|
postgresql
freebsd
php
debian
|
postgresql
freebsd
php
debian_linux
|
The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contai…
|
CWE-310
Cryptographic Issues
|
CVE-2012-2143
|
2024-11-21 10:38 |
2012-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292015
|
- |
|
fedoraproject
|
anaconda
|
The bootloader configuration module (pyanaconda/bootloader.py) in Anaconda uses 755 permissions for /etc/grub.d, which allows local users to obtain password hashes and conduct brute force password gu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2314
|
2024-11-21 10:38 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292016
|
- |
|
ibm
|
websphere_portal
|
Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote attackers to read arbitrary files via a crafted URL.
|
CWE-22
Path Traversal
|
CVE-2012-2181
|
2024-11-21 10:38 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292017
|
- |
|
pidgin
|
pidgin
|
msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service (application crash) by plac…
|
CWE-20
Improper Input Validation
|
CVE-2012-2318
|
2024-11-21 10:38 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292018
|
- |
|
pidgin
|
pidgin
|
proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (applicat…
|
CWE-399
Resource Management Errors
|
CVE-2012-2214
|
2024-11-21 10:38 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292019
|
- |
|
linux
|
linux_kernel
|
Use-after-free vulnerability in the Linux kernel before 3.3.6, when huge pages are enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges by interacting w…
|
CWE-399
Resource Management Errors
|
CVE-2012-2133
|
2024-11-21 10:38 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292020
|
- |
|
linux
|
linux_kernel
|
The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote attackers to trigger inconsisten…
|
CWE-189
Numeric Errors
|
CVE-2012-2100
|
2024-11-21 10:38 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
