|
293571
|
- |
|
todd_miller
|
sudo
|
Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2012-0809
|
2024-11-21 10:35 |
2012-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293572
|
- |
|
samba
|
samba
|
Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests.
|
CWE-200
Information Exposure
|
CVE-2012-0817
|
2024-11-21 10:35 |
2012-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293573
|
- |
|
wordpress
|
wordpress
|
Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier allow remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2012-0782
|
2024-11-21 10:35 |
2012-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293574
|
- |
|
acidcat
|
acidcat_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Acidcat CMS 3.5.1, 3.5.2, 3.5.6, and possibly earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) adm…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0933
|
2024-11-21 10:35 |
2012-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293575
|
- |
|
leadcapturepagesystem
|
lead_capture_page_system
|
Cross-site scripting (XSS) vulnerability in admin/login.php in Lead Capture Page System allows remote attackers to inject arbitrary web script or HTML via the message parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-0932
|
2024-11-21 10:35 |
2012-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293576
|
9.8 |
CRITICAL
Network
|
schneider-electric
|
modicon_quantum_plc
|
Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary cod…
|
CWE-287
Improper Authentication
|
CVE-2012-0931
|
2024-11-21 10:35 |
2012-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293577
|
6.1 |
MEDIUM
Network
|
schneider-electric
|
modicon_quantum_plc
|
Cross-site scripting (XSS) vulnerability in Schneider Electric Modicon Quantum PLC allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-0930
|
2024-11-21 10:35 |
2012-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293578
|
7.5 |
HIGH
Network
|
schneider-electric
|
modicon_quantum_plc
|
Multiple buffer overflows in Schneider Electric Modicon Quantum PLC allow remote attackers to cause a denial of service via malformed requests to the (1) FTP server or (2) HTTP server.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0929
|
2024-11-21 10:35 |
2012-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293579
|
- |
|
openbsd
|
openssh
|
The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain p…
|
CWE-255
Credentials Management
|
CVE-2012-0814
|
2024-11-21 10:35 |
2012-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293580
|
- |
|
hardened-php
|
suhosin
|
Stack-based buffer overflow in the suhosin_encrypt_single_cookie function in the transparent cookie-encryption feature in the Suhosin extension before 0.9.33 for PHP, when suhosin.cookie.encrypt and …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0807
|
2024-11-21 10:35 |
2012-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
