|
291271
|
- |
|
google
|
tunnelblick
|
Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process.
|
CWE-362
Race Condition
|
CVE-2012-3487
|
2024-11-21 10:40 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291272
|
- |
|
google
|
tunnelblick
|
Tunnelblick 3.3beta20 and earlier allows local users to gain privileges via an OpenVPN configuration file that specifies execution of a script upon occurrence of an OpenVPN event.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3486
|
2024-11-21 10:40 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291273
|
- |
|
google
|
tunnelblick
|
Tunnelblick 3.3beta20 and earlier relies on argv[0] to determine the name of an appropriate (1) kernel module pathname or (2) executable file pathname, which allows local users to gain privileges via…
|
CWE-20
Improper Input Validation
|
CVE-2012-3485
|
2024-11-21 10:40 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291274
|
- |
|
google
|
tunnelblick
|
Tunnelblick 3.3beta20 and earlier relies on a test for specific ownership and permissions to determine whether a program can be safely executed, which allows local users to bypass intended access res…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3484
|
2024-11-21 10:40 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291275
|
- |
|
google
|
tunnelblick
|
Race condition in the runScript function in Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by replacing a script file.
|
CWE-362
Race Condition
|
CVE-2012-3483
|
2024-11-21 10:40 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291276
|
- |
|
thomas_hunter
|
neoinvoice
|
SQL injection vulnerability in signup_check.php in NeoInvoice allows remote attackers to execute arbitrary SQL commands via the value parameter in a username action.
|
CWE-89
SQL Injection
|
CVE-2012-3477
|
2024-11-21 10:40 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291277
|
- |
|
gimp
|
gimp
|
Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service (applicati…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2012-3481
|
2024-11-21 10:40 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291278
|
- |
|
gnu
|
glibc
|
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users t…
|
CWE-189
Numeric Errors
|
CVE-2012-3480
|
2024-11-21 10:40 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291279
|
- |
|
gnu
|
emacs
|
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remot…
|
NVD-CWE-noinfo
|
CVE-2012-3479
|
2024-11-21 10:40 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291280
|
- |
|
icinga
|
icinga
|
The database creation script (module/idoutils/db/scripts/create_mysqldb.sh) in Icinga 1.7.1 grants access to all databases to the icinga user, which allows icinga users to access other databases via …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3441
|
2024-11-21 10:40 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
