|
292291
|
- |
|
puppetlabs
puppet
debian
canonical
suse
opensuse
|
puppet
debian_linux
ubuntu_linux
linux_enterprise_server
linux_enterprise_desktop
opensuse
puppet_enterprise
|
lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Ce…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3867
|
2024-11-21 10:41 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292292
|
- |
|
puppetlabs
puppet
|
puppet
puppet_enterprise
|
lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sensitive configuration in…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3866
|
2024-11-21 10:41 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292293
|
- |
|
puppetlabs
puppet
|
puppet
puppet_enterprise
|
Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remot…
|
CWE-22
Path Traversal
|
CVE-2012-3865
|
2024-11-21 10:41 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292294
|
- |
|
puppetlabs
puppet
|
puppet
puppet_enterprise
|
Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user…
|
CWE-200
Information Exposure
|
CVE-2012-3864
|
2024-11-21 10:41 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292295
|
- |
|
bitcoin
|
bitcoin_core
|
Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.7rc3, 0.5.x before 0.5.6rc3, 0.6.0.x before 0.6.0.9rc1, and 0.6.x before 0.6.3rc1 allows remote attackers to cause a denial of service …
|
NVD-CWE-noinfo
|
CVE-2012-3789
|
2024-11-21 10:41 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292296
|
- |
|
sonicwall
|
scrutinizer
|
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows r…
|
CWE-89
SQL Injection
|
CVE-2012-3951
|
2024-11-21 10:41 |
2012-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292297
|
- |
|
sonicwall
|
scrutinizer
|
Multiple cross-site scripting (XSS) vulnerabilities in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 allow remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3848
|
2024-11-21 10:41 |
2012-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292298
|
- |
|
airdroid
|
airdroid
|
The login implementation in AirDroid 1.0.4 beta allows remote attackers to bypass a multiple-login protection mechanism by modifying a pass value within JSON data.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3888
|
2024-11-21 10:41 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292299
|
- |
|
airdroid
|
airdroid
|
AirDroid before 1.0.7 beta uses a cleartext base64 format for data transfer that is documented as an "Encrypted Transmission" feature, which allows remote attackers to obtain sensitive information by…
|
CWE-310
Cryptographic Issues
|
CVE-2012-3887
|
2024-11-21 10:41 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292300
|
- |
|
airdroid
|
airdroid
|
AirDroid 1.0.4 beta uses the MD5 algorithm for values in the checklogin key parameter and 7bb cookie, which makes it easier for remote attackers to obtain cleartext data by sniffing the local wireles…
|
CWE-200
Information Exposure
|
CVE-2012-3886
|
2024-11-21 10:41 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
