|
295791
|
5.5 |
MEDIUM
Local
|
linux
redhat
suse
|
linux_kernel
enterprise_mrg
linux_enterprise_server
linux_enterprise_desktop
linux_enterprise_high_availability_extension
|
The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO.
|
CWE-20
Improper Input Validation
|
CVE-2012-1090
|
2024-11-21 10:36 |
2012-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295792
|
5.5 |
MEDIUM
Local
|
linux
fedoraproject
suse
|
linux_kernel
fedora
linux_enterprise_desktop
linux_enterprise_server
linux_enterprise_high_availability_extension
|
The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local …
|
CWE-476
NULL Pointer Dereference
|
CVE-2012-1146
|
2024-11-21 10:36 |
2012-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295793
|
- |
|
basercms
|
basercms
|
app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1248
|
2024-11-21 10:36 |
2012-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295794
|
- |
|
webcreate
|
web_mart
|
Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML by leveraging support for…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1247
|
2024-11-21 10:36 |
2012-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295795
|
- |
|
webcreate
|
web_mart
|
Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier might allow remote attackers to inject arbitrary web script or HTML via a crafted cookie.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1246
|
2024-11-21 10:36 |
2012-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295796
|
- |
|
cisco
|
unified_ip_phone_firmware
unified_ip_phone
|
Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via uns…
|
CWE-94
Code Injection
|
CVE-2012-1328
|
2024-11-21 10:36 |
2012-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295797
|
- |
|
cisco
|
ios
|
dot11t/t_if_dot11_hal_ath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (assertion failure and reboot) via 802.11 wireless traffic, as demonstrated by…
|
CWE-284
Improper Access Control
|
CVE-2012-1327
|
2024-11-21 10:36 |
2012-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295798
|
- |
|
cisco
|
ios
|
Race condition in the Zone-Based Firewall in Cisco IOS 15.1 and 15.2, when IPS policies are configured, allows remote attackers to cause a denial of service (device crash) by sending IPv6 packets, ak…
|
CWE-362
Race Condition
|
CVE-2012-1324
|
2024-11-21 10:36 |
2012-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295799
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web …
|
CWE-79
Cross-site Scripting
|
CVE-2012-1190
|
2024-11-21 10:36 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295800
|
- |
|
nttdocomo
|
spmode_mail_android
|
The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain…
|
CWE-310
Cryptographic Issues
|
CVE-2012-1244
|
2024-11-21 10:36 |
2012-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
