|
293281
|
9.8 |
CRITICAL
Network
|
tiki
|
tikiwiki_cms\/groupware
|
TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary PHP code via a crafted serialized object in the (1) cookieName to lib/banners/bannerlib.php; (2) prin…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2012-0911
|
2024-11-21 10:35 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293282
|
- |
|
libexpat_project
python
debian
canonical
oracle
redhat
|
libexpat
python
debian_linux
ubuntu_linux
solaris
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_workstation
enterprise_linux_desktop
storage
enter…
|
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a deni…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2012-0876
|
2024-11-21 10:35 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293283
|
- |
|
fedoraproject
|
389_directory_server
|
The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0833
|
2024-11-21 10:35 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293284
|
- |
|
david_paleino
|
wicd
|
Wicd before 1.7.1 saves sensitive information in log files in /var/log/wicd, which allows context-dependent attackers to obtain passwords and other sensitive information.
|
CWE-255
Credentials Management
|
CVE-2012-0813
|
2024-11-21 10:35 |
2012-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293285
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Integration Solution Console in the Administration Console in IBM WebSphere Application Server 7.0 before 7.0.0.23 allows remote attackers to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0720
|
2024-11-21 10:35 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293286
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain SSLv2 configuration with client authentication is used, allows remote attackers to bypass X.509 client-certificate authentication …
|
CWE-287
Improper Authentication
|
CVE-2012-0717
|
2024-11-21 10:35 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293287
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server 7.0 before 7.0.0.23 allows remote attackers to inject arbitrary web script or HTML via unspe…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0716
|
2024-11-21 10:35 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293288
|
- |
|
spamdyke
|
spamdyke
|
Multiple buffer overflows in Spamdyke before 4.3.0 might allow remote attackers to execute arbitrary code via vectors related to "serious errors in the usage of snprintf()/vsnprintf()" in which the r…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0802
|
2024-11-21 10:35 |
2012-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293289
|
- |
|
apple
|
itunes
|
Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0677
|
2024-11-21 10:35 |
2012-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293290
|
- |
|
dropbear_ssh_project
debian
|
dropbear_ssh
debian_linux
|
Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary co…
|
CWE-399
Resource Management Errors
|
CVE-2012-0920
|
2024-11-21 10:35 |
2012-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
