|
292811
|
- |
|
robert_ancell
|
lightdm
|
lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact.
|
CWE-200
Information Exposure
|
CVE-2012-1111
|
2024-11-21 10:36 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292812
|
- |
|
yealink
|
ip_phone_sip-t19p
ultra-elegant_ip_phone_sip-t41p
ultra-elegant_ip_phone_sip-t48g
gigabit_color_ip_phone_sip-t32g
ultra-elegant_ip_phone_sip-t46g
ip_video_phone_vp530
ip_phone_sip-t…
|
Multiple cross-site scripting (XSS) vulnerabilities in Local Phone book and Blacklist form in Yealink VOIP Phones allow remote authenticated users to inject arbitrary web script or HTML via the user …
|
CWE-79
Cross-site Scripting
|
CVE-2012-1417
|
2024-11-21 10:36 |
2014-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292813
|
- |
|
siteseeker
episerver
|
euroling_siteseeker
episerver
|
Cross-site scripting (XSS) vulnerability in the Euroling SiteSeeker module 3.x before 3.4.5 for EPiServer allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1032
|
2024-11-21 10:36 |
2014-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292814
|
- |
|
xoops
|
xoops
|
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) to_userid parameter to modules/pm/pmlite.php or the…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0984
|
2024-11-21 10:36 |
2014-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292815
|
- |
|
testlink
|
testlink
|
Multiple SQL injection vulnerabilities in TestLink 1.8.5b and earlier allow remote authenticated users with the Requirement view permission to execute arbitrary SQL commands via the req_spec_id param…
|
CWE-89
SQL Injection
|
CVE-2012-0939
|
2024-11-21 10:36 |
2014-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292816
|
- |
|
testlink
|
testlink
|
Multiple SQL injection vulnerabilities in TestLink 1.9.3, 1.8.5b, and earlier allow remote authenticated users with certain permissions to execute arbitrary SQL commands via the root_node parameter i…
|
CWE-89
SQL Injection
|
CVE-2012-0938
|
2024-11-21 10:36 |
2014-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292817
|
- |
|
robert_ancell
canonical
|
lightdm
ubuntu_linux
|
debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0943
|
2024-11-21 10:36 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292818
|
- |
|
canonical
|
ltsp_display_manager
ubuntu_linux
|
The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding, which launches a terminal window.
|
CWE-78
OS Command
|
CVE-2012-1166
|
2024-11-21 10:36 |
2014-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292819
|
- |
|
cisco
|
ios
asr_1001
asr_1002
asr_1002-x
asr_1002_fixed_router
asr_1004
asr_1006
asr_1013
asr_1023_router
asr_9000_rsp440_router
|
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted …
|
CWE-20
Improper Input Validation
|
CVE-2012-1366
|
2024-11-21 10:36 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292820
|
- |
|
cisco
|
ios
|
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1317
|
2024-11-21 10:36 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
