|
295241
|
- |
|
dell
|
crowbar
|
Cross-site scripting (XSS) vulnerability in crowbar_framework/app/views/support/index.html.haml in the Crowbar barclamp in Crowbar, possibly 1.4 and earlier, allows remote attackers to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3551
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295242
|
- |
|
openstack
|
essex
horizon
|
OpenStack Keystone, as used in OpenStack Folsom before folsom-rc1 and OpenStack Essex (2012.1), allows remote attackers to add an arbitrary user to an arbitrary tenant via a request to update the use…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3542
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295243
|
- |
|
openstack
|
horizon
|
Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a …
|
CWE-20
Improper Input Validation
|
CVE-2012-3540
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295244
|
- |
|
dell
|
crowbar
|
The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands vi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3537
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295245
|
- |
|
uclouvain
|
openjpeg
|
Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3535
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295246
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the Install Tool in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3531
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295247
|
- |
|
typo3
|
typo3
|
Incomplete blacklist vulnerability in the t3lib_div::quoteJSvalue API function in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to conduct cross-site s…
|
NVD-CWE-Other
|
CVE-2012-3530
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295248
|
- |
|
typo3
|
typo3
|
The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified…
|
CWE-200
Information Exposure
|
CVE-2012-3529
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295249
|
- |
|
typo3
|
typo3
|
Multiple cross-site scripting (XSS) vulnerabilities in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allow remote authenticated backend users to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3528
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295250
|
- |
|
typo3
debian
|
typo3
debian_linux
|
view_help.php in the backend help system in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to unserialize arbitrary objects and possib…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2012-3527
|
2024-11-21 10:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
