|
303451
|
7.8 |
HIGH
Local
|
imagemagick
debian
canonical
opensuse
|
imagemagick
debian_linux
ubuntu_linux
opensuse
|
Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execu…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2012-1185
|
2024-11-21 10:36 |
2012-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303452
|
- |
|
libtiff
|
libtiff
|
Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTile…
|
CWE-189
Numeric Errors
|
CVE-2012-1173
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303453
|
- |
|
sebastian_heinlein
canonical
|
aptdaemon
ubuntu_linux
|
Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does not authenticate packages when the transaction is not simulated, which allows remote attackers to install arbitrary packages via …
|
CWE-287
Improper Authentication
|
CVE-2012-0944
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303454
|
- |
|
segue_project
|
segue
|
SQL injection vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-1255
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303455
|
- |
|
segue_project
|
segue
|
Cross-site scripting (XSS) vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1254
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303456
|
- |
|
opera
|
opera_browser
|
Opera before 9.63 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
|
CWE-310
Cryptographic Issues
|
CVE-2012-1251
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303457
|
- |
|
logitech
|
lan-w300n\/ru2_firmware
|
Logitec LAN-W300N/R routers with firmware before 2.27 do not properly restrict login access, which allows remote attackers to obtain administrative privileges and modify settings via vectors related …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1250
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303458
|
- |
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embed…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1253
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303459
|
- |
|
rssowl
|
rssowl
|
Cross-site scripting (XSS) vulnerability in RSSOwl before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a feed, a different vulnerability than CVE-2006-4760.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1252
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303460
|
- |
|
canonical
|
ubuntu_linux
|
The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repo…
|
CWE-200
Information Exposure
|
CVE-2012-0949
|
2024-11-21 10:36 |
2012-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
