|
289711
|
- |
|
gdm-guest-session_project
canonical
|
gdm-guest-session
ubuntu_linux
|
gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04 LTS, 10.10, and 11.04, allows local users to delete arbitrary files via a space in the name of a file…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6648
|
2024-11-21 10:46 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289712
|
- |
|
atlassian
|
confluence_server
|
Cross-site request forgery (CSRF) vulnerability in logout.action in Atlassian Confluence 3.4.6 allows remote attackers to hijack the authentication of administrators for requests that logout the user…
|
CWE-352
Origin Validation Error
|
CVE-2012-6342
|
2024-11-21 10:46 |
2014-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289713
|
- |
|
theforeman
|
foreman
|
The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the hashed root password via an API request.
|
CWE-200
Information Exposure
|
CVE-2013-0174
|
2024-11-21 10:46 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289714
|
- |
|
theforeman
|
foreman
|
Foreman before 1.1 uses a salt of "foreman" to hash root passwords, which makes it easier for attackers to guess the password via a brute force attack.
|
CWE-310
Cryptographic Issues
|
CVE-2013-0173
|
2024-11-21 10:46 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289715
|
- |
|
theforeman
|
foreman
|
Foreman before 1.1 allows remote attackers to execute arbitrary code via a crafted YAML object to the (1) fact or (2) report import API.
|
CWE-94
Code Injection
|
CVE-2013-0171
|
2024-11-21 10:46 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289716
|
- |
|
f-secure
|
anti-virus
psb_workstation_security
safe_anywhere
|
F-Secure Anti-Virus, Safe Anywhere, and PSB Workstation Security before 11500 for Mac OS X allows local users to disable the Mac OS X firewall via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2012-6646
|
2024-11-21 10:46 |
2014-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289717
|
- |
|
danielb
|
finder
|
Cross-site scripting (XSS) vulnerability in the autocomplete functionality in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote attackers …
|
CWE-79
Cross-site Scripting
|
CVE-2012-6645
|
2024-11-21 10:46 |
2014-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289718
|
- |
|
clip-bucket
|
clipbucket
|
Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3)…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6644
|
2024-11-21 10:46 |
2014-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289719
|
- |
|
clip-bucket
|
clipbucket
|
Multiple SQL injection vulnerabilities in the update_counter function in includes/functions.php in ClipBucket 2.6 allow remote attackers to execute arbitrary SQL commands via the time parameter to (1…
|
CWE-89
SQL Injection
|
CVE-2012-6643
|
2024-11-21 10:46 |
2014-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289720
|
- |
|
clip-bucket
|
clipbucket
|
Cross-site scripting (XSS) vulnerability in ClipBucket 2.6 allows remote attackers to inject arbitrary web script or HTML via the type parameter to view_channel.php. NOTE: the provenance of this inf…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6642
|
2024-11-21 10:46 |
2014-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
