|
292821
|
- |
|
php
|
php
|
The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use o…
|
CWE-200
Information Exposure
|
CVE-2012-1171
|
2024-11-21 10:36 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292822
|
- |
|
iproute2_project
|
iproute2
|
iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by (1) configure or (2) examples/dhcp-client-script.
|
CWE-59
Link Following
|
CVE-2012-1088
|
2024-11-21 10:36 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292823
|
- |
|
redhat
|
jboss_operations_network
|
Red Hat JBoss Operations Network (JON) 3.0.x before 3.0.1, 2.4.2, and earlier, when LDAP authentication is enabled and the LDAP bind account credentials are invalid, allows remote attackers to login …
|
CWE-287
Improper Authentication
|
CVE-2012-1100
|
2024-11-21 10:36 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292824
|
- |
|
opensuse
|
opensuse
osc
|
osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1095
|
2024-11-21 10:36 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292825
|
- |
|
cisco
|
unified_computing_system
|
The remote debug shell on the PALO adapter card in Cisco Unified Computing System (UCS) allows local users to gain privileges via malformed show-macstats parameters, aka Bug ID CSCub13772.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1313
|
2024-11-21 10:36 |
2013-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292826
|
- |
|
juniper
|
networks_mobility_system_software
|
Cross-site scripting (XSS) vulnerability in the WebAAA login functionality (wba_login.html) in Juniper Networks Mobility System Software (MSS) 7.6.x before 7.6.3, 7.7.x before 7.7.1, 7.5.x before 7.5…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1038
|
2024-11-21 10:36 |
2013-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292827
|
- |
|
mit
|
kerberos_5
|
The pkinit_server_return_padata function in plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 attempts t…
|
CWE-476
NULL Pointer Dereference
|
CVE-2012-1016
|
2024-11-21 10:36 |
2013-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292828
|
- |
|
emc
|
rsa_archer_smartsuite
rsa_archer_egrc
|
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to inject arbitrary web script or HTML via u…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1064
|
2024-11-21 10:36 |
2013-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292829
|
- |
|
canonical
sebastian_heinlein
|
ubuntu_linux
aptdaemon
|
Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-t…
|
NVD-CWE-noinfo
|
CVE-2012-0962
|
2024-11-21 10:36 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292830
|
- |
|
debian
|
apt
advanced_package_tool
|
Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x before 0.8.16~exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable perm…
|
CWE-200
Information Exposure
|
CVE-2012-0961
|
2024-11-21 10:36 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
