|
292131
|
5.4 |
MEDIUM
Network
|
ibm
|
infosphere_guardium
|
IBM InfoSphere Guardium 7.0, 8.0, 8.01, and 8.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3341
|
2024-11-21 10:40 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292132
|
4.3 |
MEDIUM
Network
|
ibm
|
infosphere_guardium
|
IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vul…
|
CWE-776
XML Entity Expansion
|
CVE-2012-3340
|
2024-11-21 10:40 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292133
|
5.3 |
MEDIUM
Network
|
ibm
|
infosphere_guardium
|
IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the create new user account functionality. An attacker cou…
|
CWE-20
Improper Input Validation
|
CVE-2012-3338
|
2024-11-21 10:40 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292134
|
5.3 |
MEDIUM
Network
|
ibm
|
infosphere_guardium
|
IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" s…
|
CWE-22
Path Traversal
|
CVE-2012-3337
|
2024-11-21 10:40 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292135
|
8.8 |
HIGH
Network
|
ibm
|
infosphere_guardium
|
IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to multiple scripts, which could allow the attac…
|
CWE-89
SQL Injection
|
CVE-2012-3336
|
2024-11-21 10:40 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292136
|
6.1 |
MEDIUM
Network
|
longtailvideo
|
jw_player
|
Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3)…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3351
|
2024-11-21 10:40 |
2020-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292137
|
8.1 |
HIGH
Network
|
gatewaygeomatics
|
mapserver
|
Gateway Geomatics MapServer for Windows before 3.0.6 contains a Local File Include Vulnerability which allows remote attackers to execute local PHP code and obtain sensitive information.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2012-2950
|
2024-11-21 10:40 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292138
|
8.8 |
HIGH
Network
|
wisc
|
htcondor
|
The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x befo…
|
NVD-CWE-noinfo
|
CVE-2012-3490
|
2024-11-21 10:40 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292139
|
8.8 |
HIGH
Network
|
fedoraproject
|
sssd
|
A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup o…
|
CWE-287
Improper Authentication
|
CVE-2012-3462
|
2024-11-21 10:40 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292140
|
7.8 |
HIGH
Local
|
ecryptfs
debian
|
ecryptfs-utils
debian_linux
|
ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation
|
CWE-20
Improper Input Validation
|
CVE-2012-3409
|
2024-11-21 10:40 |
2019-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
