|
302881
|
- |
|
ibm
|
rational_appscan
|
IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly scan file: URLs, which allows man-in-the-middle attackers to obtain sensitive information or possibly have unspecified oth…
|
CWE-20
Improper Input Validation
|
CVE-2012-0735
|
2024-11-21 10:35 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302882
|
- |
|
ibm
|
rational_appscan
|
IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly import jobs, which allows man-in-the-middle attackers to obtain sensitive information or possibly have unspecified other i…
|
NVD-CWE-noinfo
|
CVE-2012-0734
|
2024-11-21 10:35 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302883
|
- |
|
ibm
|
rational_appscan
|
IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1, when Integrated Windows authentication is used, allows remote authenticated users to obtain administrative privileges by hijacking a sessio…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0733
|
2024-11-21 10:35 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302884
|
- |
|
ibm
|
rational_appscan
|
The Enterprise Console client in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof serv…
|
CWE-310
Cryptographic Issues
|
CVE-2012-0732
|
2024-11-21 10:35 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302885
|
- |
|
ibm
|
rational_appscan
|
IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not prevent service-account impersonation, which allows remote authenticated users to read arbitrary files via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2012-0731
|
2024-11-21 10:35 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302886
|
- |
|
ibm
|
rational_appscan
|
Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allow remote attackers to hijack the authentication of administrators for requ…
|
CWE-352
Origin Validation Error
|
CVE-2012-0730
|
2024-11-21 10:35 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302887
|
- |
|
ibm
|
rational_appscan
|
Unrestricted file upload vulnerability in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allows remote authenticated users to execute arbitrary ASP.NET code by uploading a .aspx file, and…
|
NVD-CWE-Other
|
CVE-2012-0729
|
2024-11-21 10:35 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302888
|
- |
|
pythonpaste
|
paste
|
Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leverag…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0878
|
2024-11-21 10:35 |
2012-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302889
|
- |
|
mumble
|
mumble
|
Mumble 1.2.3 and earlier uses world-readable permissions for .local/share/data/Mumble/.mumble.sqlite files in home directories, which might allow local users to obtain a cleartext password and config…
|
CWE-310
Cryptographic Issues
|
CVE-2012-0863
|
2024-11-21 10:35 |
2012-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302890
|
- |
|
mozilla
|
bugzilla
|
template/en/default/list/list.js.tmpl in Bugzilla 2.x and 3.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1 does not properly handle multiple logins, which allows remot…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0466
|
2024-11-21 10:35 |
2012-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
