|
289071
|
- |
|
moodle
|
moodle
|
report/outline/index.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly enforce the moodle/user:viewhiddendetails capability requirement, which allows remo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6100
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289072
|
- |
|
moodle
|
moodle
|
The moodle1 backup converter in backup/converter/moodle1/lib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly validate pathnames, wh…
|
CWE-20
Improper Input Validation
|
CVE-2012-6099
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289073
|
- |
|
moodle
|
moodle
|
grade/edit/outcome/edit_form.php in Moodle 1.9.x through 1.9.19, 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly enforce the moodle/grade:manage …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6098
|
2024-11-21 10:45 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289074
|
- |
|
tp-link
|
tl-wr841n_firmware
tl-wr841n
|
Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitr…
|
CWE-22
Path Traversal
|
CVE-2012-6276
|
2024-11-21 10:45 |
2013-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289075
|
- |
|
dell
|
openmanage_server_administrator
|
Multiple cross-site scripting (XSS) vulnerabilities in Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1, and 7.1.0.1 allow remote attackers to inject arbitrary web script or HTML via the topic p…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6272
|
2024-11-21 10:45 |
2013-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289076
|
- |
|
isc
redhat
canonical
|
bind
enterprise_linux_hpc_node
enterprise_linux_server_eus
enterprise_linux_server_aus
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
ubuntu_linux
|
ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a d…
|
CWE-20
Improper Input Validation
|
CVE-2012-5689
|
2024-11-21 10:45 |
2013-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289077
|
- |
|
proftpd
|
proftpd
|
ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD command…
|
CWE-362
Race Condition
|
CVE-2012-6095
|
2024-11-21 10:45 |
2013-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289078
|
- |
|
freetype
|
freetype
|
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODI…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5670
|
2024-11-21 10:45 |
2013-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289079
|
- |
|
freetype
|
freetype
|
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5669
|
2024-11-21 10:45 |
2013-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289080
|
- |
|
freetype
|
freetype
|
FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an "allocatio…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5668
|
2024-11-21 10:45 |
2013-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
