|
290831
|
- |
|
mozilla
suse
opensuse
redhat
canonical
|
firefox
seamonkey
thunderbird
thunderbird_esr
linux_enterprise_desktop
opensuse
linux_enterprise_server
linux_enterprise_software_development_kit
enterprise_linux_server
en…
|
Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 1…
|
CWE-416
Use After Free
|
CVE-2012-3956
|
2024-11-21 10:41 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290832
|
- |
|
tor
|
tor
|
routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information abo…
|
CWE-200
Information Exposure
|
CVE-2012-3519
|
2024-11-21 10:41 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290833
|
- |
|
tor
|
tor
|
The networkstatus_parse_vote_from_string function in routerparse.c in Tor before 0.2.2.38 does not properly handle an invalid flavor name, which allows remote attackers to cause a denial of service (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3518
|
2024-11-21 10:41 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290834
|
- |
|
tor
|
tor
|
Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests.
|
CWE-399
Resource Management Errors
|
CVE-2012-3517
|
2024-11-21 10:41 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290835
|
- |
|
jabberd2
jabber2
|
jabberd2
|
s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (…
|
CWE-20
Improper Input Validation
|
CVE-2012-3525
|
2024-11-21 10:41 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290836
|
- |
|
nicolas_cannasse
|
ocaml_xml-light_library
|
OCaml Xml-Light Library before r234 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service …
|
CWE-310
Cryptographic Issues
|
CVE-2012-3514
|
2024-11-21 10:41 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290837
|
- |
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in program/lib/washtml.php in Roundcube Webmail 0.8.0 allows remote attackers to inject arbitrary web script or HTML by using "javascript:" in an href attribu…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3508
|
2024-11-21 10:41 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290838
|
- |
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in program/steps/mail/func.inc in RoundCube Webmail before 0.8.0, when using the Larry skin, allows remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3507
|
2024-11-21 10:41 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290839
|
9.8 |
CRITICAL
Network
|
theforeman
redhat
|
katello
enterprise_linux_server
|
The installation script in Katello 1.0 and earlier does not properly generate the Application.config.secret_token value, which causes each default installation to have the same secret token, and allo…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2012-3503
|
2024-11-21 10:41 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290840
|
- |
|
darold
|
squidclamav
|
The squidclamav_check_preview_handler function in squidclamav.c in SquidClamav 5.x before 5.8 and 6.x before 6.7 passes an unescaped URL to a system command call, which allows remote attackers to cau…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3501
|
2024-11-21 10:41 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
