|
295611
|
- |
|
extplorer
|
extplorer
|
eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/extplorer/ftp_tmp directory, which allows local users to delete or overwrite arbitrary files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3454
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295612
|
- |
|
debian
|
logol
|
logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows local users to delete or overwrite arbitrary files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3453
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295613
|
- |
|
gnome
|
screensaver
|
gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when multiple screens are used, only locks the screen with the active focus, which allows physically proximate attackers to bypass screen …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3452
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295614
|
- |
|
openvswitch
|
openvswitch
|
Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3449
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295615
|
- |
|
kde
|
kde_pim
|
The HTMLQuoteColorer::process function in messageviewer/htmlquotecolorer.cpp in KDE PIM 4.6 through 4.8 does not disable JavaScript, Java, and Plugins, which allows remote attackers to inject arbitra…
|
CWE-16
Configuration
|
CVE-2012-3413
|
2024-11-21 10:40 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295616
|
- |
|
ganglia
|
ganglia-web
|
Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary PHP code via unknown attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-3448
|
2024-11-21 10:40 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295617
|
- |
|
php
|
php
|
pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote a…
|
NVD-CWE-Other
|
CVE-2012-3450
|
2024-11-21 10:40 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295618
|
- |
|
puppetlabs
puppet
|
puppet
puppet_enterprise
|
lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, supports use of IP addresses in certnames without warning of potential risks, which might allow remote att…
|
CWE-287
Improper Authentication
|
CVE-2012-3408
|
2024-11-21 10:40 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295619
|
- |
|
siemens
|
synco_ozw_web_server
synco_ozw_web_server_firmware
|
The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, and OZW775 with firmware before 4 have an unspecified default password, which makes it easier for remote attackers to obtain administrativ…
|
CWE-255
Credentials Management
|
CVE-2012-3020
|
2024-11-21 10:40 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295620
|
- |
|
djangoproject
|
django
|
The get_image_dimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows re…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3444
|
2024-11-21 10:40 |
2012-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
