|
293821
|
- |
|
moodle
|
moodle
|
lib/formslib.php in Moodle 2.2.x before 2.2.6 and 2.3.x before 2.3.3 allows remote authenticated users to bypass intended access restrictions via a modified value of a frozen form field.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5472
|
2024-11-21 10:44 |
2012-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293822
|
- |
|
moodle
|
moodle
|
The Dropbox Repository File Picker in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to access the Dropbox of a different user by leveraging a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5471
|
2024-11-21 10:44 |
2012-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293823
|
- |
|
firebirdsql
|
firebird
|
TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by preparing an empty dynamic SQL …
|
CWE-399
Resource Management Errors
|
CVE-2012-5529
|
2024-11-21 10:44 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293824
|
- |
|
apple
|
cups
|
CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local use…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5519
|
2024-11-21 10:44 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293825
|
- |
|
asial
|
monaca_debugger
|
The Asial Monaca Debugger application before 1.4.2 for Android allows remote attackers to obtain sensitive (1) account or (2) session ID information in a system log file via a crafted application.
|
CWE-200
Information Exposure
|
CVE-2012-5172
|
2024-11-21 10:44 |
2012-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293826
|
- |
|
mantisbt
|
mantisbt
|
core/email_api.php in MantisBT before 1.2.12 does not properly manage the sending of e-mail notifications about restricted bugs, which might allow remote authenticated users to obtain sensitive infor…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5523
|
2024-11-21 10:44 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293827
|
- |
|
mantisbt
|
mantisbt
|
MantisBT before 1.2.12 does not use an expected default value during decisions about whether a user may modify the status of a bug, which allows remote authenticated users to bypass intended access r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5522
|
2024-11-21 10:44 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293828
|
- |
|
vmware
|
player
workstation
|
Untrusted search path vulnerability in VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows allows host OS users to gain host OS privileges via a Trojan horse DLL in a "s…
|
NVD-CWE-Other
|
CVE-2012-5459
|
2024-11-21 10:44 |
2012-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293829
|
- |
|
vmware
|
player
workstation
|
VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a cra…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5458
|
2024-11-21 10:44 |
2012-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293830
|
- |
|
adobe
|
flash_player
flash_player_for_android
adobe_air
adobe_air_sdk
|
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5287
|
2024-11-21 10:44 |
2012-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
