|
290901
|
7.8 |
HIGH
Local
|
freebsd
debian
|
freebsd
debian_linux
|
FreeBSD: Input Validation Flaw allows local users to gain elevated privileges
|
CWE-20
Improper Input Validation
|
CVE-2012-4576
|
2024-11-21 10:43 |
2019-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290902
|
6.1 |
MEDIUM
Network
|
piwigo
|
piwigo
|
piwigo has XSS in password.php (incomplete fix for CVE-2012-4525)
|
CWE-79
Cross-site Scripting
|
CVE-2012-4526
|
2024-11-21 10:43 |
2019-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290903
|
6.1 |
MEDIUM
Network
|
piwigo
|
piwigo
|
piwigo has XSS in password.php
|
CWE-79
Cross-site Scripting
|
CVE-2012-4525
|
2024-11-21 10:43 |
2019-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290904
|
7.5 |
HIGH
Network
|
sillycycle
fedoraproject
|
xlockmore
fedora
|
xlockmore before 5.43 'dclock' security bypass vulnerability
|
CWE-20
Improper Input Validation
|
CVE-2012-4524
|
2024-11-21 10:43 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290905
|
9.8 |
CRITICAL
Network
|
letodms_project
|
letodms
|
SQL injection vulnerability in LetoDMS_Core/Core/inc.ClassDMS.php in LetoDMS (formerly MyDMS) before 3.3.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-4570
|
2024-11-21 10:43 |
2017-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290906
|
6.1 |
MEDIUM
Network
|
letodms_project
|
letodms
|
Multiple cross-site scripting (XSS) vulnerabilities in out/out.UsrMgr.php in LetoDMS (formerly MyDMS) before 3.3.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vector…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4569
|
2024-11-21 10:43 |
2017-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290907
|
8.8 |
HIGH
Network
|
letodms_project
|
letodms
|
Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2012-4568
|
2024-11-21 10:43 |
2017-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290908
|
6.1 |
MEDIUM
Network
|
letodms_project
|
letodms
|
Multiple cross-site scripting (XSS) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) inc/inc.Cl…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4567
|
2024-11-21 10:43 |
2017-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290909
|
6.5 |
MEDIUM
Network
|
cisco
|
ios
|
Cisco IOS before 15.2(4)S6 does not initialize an unspecified variable, which might allow remote authenticated users to cause a denial of service (CPU consumption, watchdog timeout, crash) by walking…
|
CWE-399
Resource Management Errors
|
CVE-2012-5030
|
2024-11-21 10:43 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290910
|
8.1 |
HIGH
Adjacent
|
cisco
|
adaptive_security_appliance_software
|
ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.4.x before 9.4.1 Interim, 9.2.x before 9.2.4 Interim, ASA 5510 Adaptive Security Appliance Adaptive Security Applia…
|
CWE-254
7PK - Security Features
|
CVE-2012-5010
|
2024-11-21 10:43 |
2017-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
