|
290671
|
- |
|
google
xmlsoft
apple
|
chrome
libxml2
iphone_os
|
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5134
|
2024-11-21 10:44 |
2012-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290672
|
- |
|
opensuse
google
|
opensuse
chrome
|
Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters.
|
CWE-416
Use After Free
|
CVE-2012-5133
|
2024-11-21 10:44 |
2012-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290673
|
- |
|
opensuse
google
|
opensuse
chrome
|
Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service (application crash) via a response with chunked transfer coding.
|
NVD-CWE-noinfo
|
CVE-2012-5132
|
2024-11-21 10:44 |
2012-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290674
|
- |
|
google
|
chrome
|
Google Chrome before 23.0.1271.91 on Mac OS X does not properly mitigate improper rendering behavior in the Intel GPU driver, which allows remote attackers to cause a denial of service or possibly ha…
|
NVD-CWE-noinfo
|
CVE-2012-5131
|
2024-11-21 10:44 |
2012-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290675
|
- |
|
opensuse
google
|
opensuse
chrome
|
Skia, as used in Google Chrome before 23.0.1271.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
CWE-125
Out-of-bounds Read
|
CVE-2012-5130
|
2024-11-21 10:44 |
2012-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290676
|
- |
|
openvas
|
openvas_manager
|
The send_to_sourcefire function in manage_sql.c in OpenVAS Manager 3.x before 3.0.4 allows remote attackers to execute arbitrary commands via the (1) IP address or (2) port number field in an OMP req…
|
CWE-20
Improper Input Validation
|
CVE-2012-5520
|
2024-11-21 10:44 |
2012-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290677
|
- |
|
lighttpd
|
lighttpd
|
The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token…
|
CWE-399
Resource Management Errors
|
CVE-2012-5533
|
2024-11-21 10:44 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290678
|
- |
|
bigace
|
bigace
|
Session fixation vulnerability in BIGACE before 2.7.8 allows remote attackers to hijack web sessions via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2012-5173
|
2024-11-21 10:44 |
2012-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290679
|
- |
|
andy_armstrong
|
cgi.pm
|
CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applicati…
|
CWE-16
Configuration
|
CVE-2012-5526
|
2024-11-21 10:44 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290680
|
- |
|
moodle
|
moodle
|
Moodle 2.3.x before 2.3.3 allows remote authenticated users to bypass the moodle/role:manage capability requirement and read all capability data by visiting the Check Permissions page.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5481
|
2024-11-21 10:44 |
2012-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
