|
301031
|
- |
|
rsa
emc
|
authentication_manager
rsa_authentication_manager
securid_appliance
|
EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 do not properly use frames, which allows remote attackers to inject arbitrary web script or HTML via uns…
|
NVD-CWE-Other
|
CVE-2012-2280
|
2024-11-21 10:38 |
2012-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301032
|
- |
|
rsa
emc
|
authentication_manager
rsa_authentication_manager
securid_appliance
|
Open redirect vulnerability in the Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 allows remote attackers to redirect users to arbi…
|
CWE-20
Improper Input Validation
|
CVE-2012-2279
|
2024-11-21 10:38 |
2012-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301033
|
- |
|
rsa
emc
|
authentication_manager
rsa_authentication_manager
securid_appliance
|
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Self-Service Console and (2) Security Console in EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before …
|
CWE-79
Cross-site Scripting
|
CVE-2012-2278
|
2024-11-21 10:38 |
2012-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301034
|
- |
|
debian
mahara
|
debian_linux
mahara
|
The default configuration of the auth/saml plugin in Mahara before 1.4.2 sets the "Match username attribute to Remote username" option to false, which allows remote SAML IdP servers to spoof users of…
|
CWE-287
CWE-16
CWE-284
Improper Authentication
Configuration
Improper Access Control
|
CVE-2012-2351
|
2024-11-21 10:38 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301035
|
- |
|
hp
|
operations_agent
|
Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1326.
|
NVD-CWE-noinfo
|
CVE-2012-2020
|
2024-11-21 10:38 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301036
|
- |
|
hp
|
operations_agent
|
Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1325.
|
NVD-CWE-noinfo
|
CVE-2012-2019
|
2024-11-21 10:38 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301037
|
- |
|
apache
|
org.apache.sling.servlets.post
|
The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle before 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which al…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2138
|
2024-11-21 10:38 |
2012-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301038
|
- |
|
php
|
php
|
Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash)…
|
CWE-189
Numeric Errors
|
CVE-2012-2386
|
2024-11-21 10:38 |
2012-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301039
|
- |
|
hp
|
network_node_manager_i
|
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 8.x, 9.0x, and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2018
|
2024-11-21 10:38 |
2012-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301040
|
- |
|
rsa
|
access_manager_server
access_manager_agent
|
EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access Manager Agent do not properly validate session tokens after a logout, which might allow remote attackers to conduct replay attacks via …
|
CWE-287
Improper Authentication
|
CVE-2012-2281
|
2024-11-21 10:38 |
2012-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
