|
291331
|
7.8 |
HIGH
Local
|
ovirt
fedoraproject
|
mom
fedora
|
mom creates world-writable pid files in /var/run
|
CWE-269
Improper Privilege Management
|
CVE-2012-4480
|
2024-11-21 10:42 |
2019-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291332
|
7.5 |
HIGH
Network
|
openslp
debian
fedoraproject
canonical
|
openslp
debian_linux
fedora
ubuntu_linux
|
openslp: SLPIntersectStringList()' Function has a DoS vulnerability
|
CWE-125
Out-of-bounds Read
|
CVE-2012-4428
|
2024-11-21 10:42 |
2019-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291333
|
6.1 |
MEDIUM
Network
|
jenkins
|
jenkins
|
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the CI game plugin.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4441
|
2024-11-21 10:42 |
2019-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291334
|
6.1 |
MEDIUM
Network
|
jenkins
|
jenkins
|
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the Violations plugin.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4440
|
2024-11-21 10:42 |
2019-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291335
|
6.1 |
MEDIUM
Network
|
jenkins
|
jenkins
|
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4439
|
2024-11-21 10:42 |
2019-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291336
|
8.8 |
HIGH
Network
|
jenkins
|
jenkins
|
Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code.
|
CWE-20
Improper Input Validation
|
CVE-2012-4438
|
2024-11-21 10:42 |
2019-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291337
|
6.5 |
MEDIUM
Network
|
trilexnet
debian
|
letodms
debian_linux
|
letodms 3.3.6 has CSRF via change password
|
CWE-352
Origin Validation Error
|
CVE-2012-4385
|
2024-11-21 10:42 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291338
|
6.1 |
MEDIUM
Network
|
trilexnet
debian
|
letodms
debian_linux
|
letodms has multiple XSS issues: Reflected XSS in Login Page, Stored XSS in Document Owner/User name, Stored XSS in Calendar
|
CWE-79
Cross-site Scripting
|
CVE-2012-4384
|
2024-11-21 10:42 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291339
|
9.8 |
CRITICAL
Network
|
apache
|
hadoop
|
Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes it easier for context-depen…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2012-4449
|
2024-11-21 10:42 |
2017-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291340
|
6.1 |
MEDIUM
Network
|
mediawiki
|
mediawiki
|
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.18.5 and 1.19.x before 1.19.2, when unspecified JavaScript gadgets are used, allow remote attackers to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4378
|
2024-11-21 10:42 |
2017-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
