|
294371
|
- |
|
apache
|
http_server
|
The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to ca…
|
CWE-399
Resource Management Errors
|
CVE-2012-4557
|
2024-11-21 10:43 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294372
|
- |
|
ibm
|
tivoli_endpoint_manager
|
Unspecified vulnerability in Tivoli Endpoint Manager for Remote Control Broker 8.2 before 8.2.1-TIV-TEMRC821-IF0002 allows remote attackers to cause a denial of service (resource consumption) via unk…
|
CWE-399
Resource Management Errors
|
CVE-2012-4841
|
2024-11-21 10:43 |
2012-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294373
|
- |
|
samsung
|
printer_firmware
|
The Samsung printer firmware before 20121031 has a hardcoded read-write SNMP community, which makes it easier for remote attackers to obtain administrative access via an SNMP request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4964
|
2024-11-21 10:43 |
2012-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294374
|
- |
|
emc
|
it_operations_intelligence
|
EMC Smarts Network Configuration Manager (NCM) before 9.1 uses a hardcoded encryption key for the storage of credentials, which allows local users to obtain sensitive information via unspecified vect…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4615
|
2024-11-21 10:43 |
2012-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294375
|
- |
|
emc
|
it_operations_intelligence
|
The default configuration of EMC Smarts Network Configuration Manager (NCM) before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact…
|
CWE-287
Improper Authentication
|
CVE-2012-4614
|
2024-11-21 10:43 |
2012-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294376
|
- |
|
emc
|
rsa_adaptive_authentication_on-premise
|
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Adaptive Authentication On-Premise (AAOP) before 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vecto…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4611
|
2024-11-21 10:43 |
2012-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294377
|
- |
|
xen
|
xen
|
The HVMOP_pagetable_dying hypercall in Xen 4.0, 4.1, and 4.2 does not properly check the pagetable state when running on shadow pagetables, which allows a local HVM guest OS to cause a denial of serv…
|
CWE-20
Improper Input Validation
|
CVE-2012-4538
|
2024-11-21 10:43 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294378
|
- |
|
ruby-lang
|
ruby
|
The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4522
|
2024-11-21 10:43 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294379
|
- |
|
tecnick
|
tcexam
|
Multiple cross-site scripting (XSS) vulnerabilities in admin/code/tce_select_users_popup.php in Nicola Asuni TCExam before 11.3.009 allow remote attackers to inject arbitrary web script or HTML via t…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4602
|
2024-11-21 10:43 |
2012-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294380
|
- |
|
tecnick
|
tcexam
|
Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before 11.3.009 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the (1) user_g…
|
CWE-89
SQL Injection
|
CVE-2012-4601
|
2024-11-21 10:43 |
2012-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
