|
296361
|
- |
|
seogento
|
seogento
|
Cross-site scripting (XSS) vulnerability in the SEOgento plugin for Magento allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this informat…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3243
|
2024-11-21 10:40 |
2015-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296362
|
- |
|
spiceworks
|
spiceworks
|
SQL injection vulnerability in SpiceWorks 5.3.75941 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to api_v2.json. NOTE: this entry was SPLIT per ADT2 due t…
|
CWE-89
SQL Injection
|
CVE-2012-2956
|
2024-11-21 10:40 |
2014-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296363
|
- |
|
ibm
|
smartcloud_control_desk
maximo_asset_management
|
CRLF injection vulnerability in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote attackers to inject arbitrary HT…
|
NVD-CWE-Other
|
CVE-2012-3333
|
2024-11-21 10:40 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296364
|
- |
|
cisco
|
ios
|
Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a ne…
|
CWE-20
Improper Input Validation
|
CVE-2012-3062
|
2024-11-21 10:40 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296365
|
- |
|
redhat
|
conga
enterprise_linux
|
Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows attackers to gain privileges by accessing this cookie. NOTE: this is…
|
CWE-255
Credentials Management
|
CVE-2012-3359
|
2024-11-21 10:40 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296366
|
- |
|
canonical
redhat
gnu
|
ubuntu_linux
enterprise_linux
enterprise_virtualization
glibc
|
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SP…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3406
|
2024-11-21 10:40 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296367
|
- |
|
canonical
redhat
gnu
|
ubuntu_linux
enterprise_linux
glibc
enterprise_virtualization
|
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to …
|
CWE-189
Numeric Errors
|
CVE-2012-3405
|
2024-11-21 10:40 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296368
|
- |
|
canonical
redhat
gnu
|
ubuntu_linux
enterprise_linux
enterprise_virtualization
glibc
|
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to …
|
CWE-189
Numeric Errors
|
CVE-2012-3404
|
2024-11-21 10:40 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296369
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitive information such as …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3427
|
2024-11-21 10:40 |
2014-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296370
|
- |
|
f5
|
big-ip_webaccelerator
big-ip_global_traffic_manager
big-ip_local_traffic_manager
big-ip_protocol_security_module
big-ip_wan_optimization_manager
big-ip_link_controller
big-ip_analyt…
|
Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR W…
|
CWE-89
SQL Injection
|
CVE-2012-3000
|
2024-11-21 10:40 |
2014-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
