|
295781
|
- |
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embed…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1253
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295782
|
- |
|
rssowl
|
rssowl
|
Cross-site scripting (XSS) vulnerability in RSSOwl before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a feed, a different vulnerability than CVE-2006-4760.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1252
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295783
|
- |
|
canonical
|
ubuntu_linux
|
The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repo…
|
CWE-200
Information Exposure
|
CVE-2012-0949
|
2024-11-21 10:36 |
2012-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295784
|
- |
|
puppet
puppetlabs
|
puppet
puppet_enterprise_users
puppet_enterprise
|
Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1054
|
2024-11-21 10:36 |
2012-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295785
|
- |
|
puppet
puppetlabs
|
puppet
puppet_enterprise_users
puppet_enterprise
|
The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1053
|
2024-11-21 10:36 |
2012-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295786
|
- |
|
zen-cart
|
zen_cart
|
Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_php.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attacker…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1413
|
2024-11-21 10:36 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295787
|
- |
|
php
|
php
|
The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote attackers to cause…
|
CWE-20
Improper Input Validation
|
CVE-2012-1172
|
2024-11-21 10:36 |
2012-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295788
|
- |
|
lunascape
|
ilunascape_android
|
The iLunascape application 1.0.4.0 and earlier for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive stored information via a crafted applicatio…
|
CWE-200
Information Exposure
|
CVE-2012-1249
|
2024-11-21 10:36 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295789
|
- |
|
linux
|
linux_kernel
|
The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS, related to the pmd_none_or_cle…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1179
|
2024-11-21 10:36 |
2012-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295790
|
7.8 |
HIGH
Local
|
linux
redhat
suse
|
linux_kernel
enterprise_linux
enterprise_mrg
linux_enterprise_server
linux_enterprise_desktop
linux_enterprise_high_availability_extension
|
The regset (aka register set) feature in the Linux kernel before 3.2.10 does not properly handle the absence of .get and .set methods, which allows local users to cause a denial of service (NULL poin…
|
CWE-476
NULL Pointer Dereference
|
CVE-2012-1097
|
2024-11-21 10:36 |
2012-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
