|
302701
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in the outputPage function in includes/SkinTemplate.php in MediaWiki before 1.17.5, 1.18.x before 1.18.4, and 1.19.x before 1.19.1 allows remote attackers to …
|
CWE-79
Cross-site Scripting
|
CVE-2012-2698
|
2024-11-21 10:39 |
2012-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302702
|
- |
|
libguestfs
|
libguestfs
|
virt-edit in libguestfs before 1.18.0 does not preserve the permissions from the original file and saves the new file with world-readable permissions when editing, which might allow local guest users…
|
CWE-255
Credentials Management
|
CVE-2012-2690
|
2024-11-21 10:39 |
2012-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302703
|
- |
|
redhat
|
sos
|
The sosreport utility in the Red Hat sos package before 2.2-29 does not remove the root user password information from the Kickstart configuration file (/root/anaconda-ks.cfg) when creating an archiv…
|
CWE-255
Credentials Management
|
CVE-2012-2664
|
2024-11-21 10:39 |
2012-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302704
|
- |
|
mikel_olasagasti
|
revelation
|
Revelation 0.4.13-2 and earlier does not iterate through SHA hashing algorithms for AES encryption, which makes it easier for context-dependent attackers to guess passwords via a brute force attack.
|
CWE-255
Credentials Management
|
CVE-2012-2743
|
2024-11-21 10:39 |
2012-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302705
|
- |
|
mikel_olasagasti
|
revelation
|
Revelation 0.4.13-2 and earlier uses only the first 32 characters of a password followed by a sequence of zeros, which reduces the entropy and makes it easier for context-dependent attackers to crack…
|
CWE-255
Credentials Management
|
CVE-2012-2742
|
2024-11-21 10:39 |
2012-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302706
|
- |
|
mathew_winstone
|
mobile_tools
|
Multiple cross-site scripting (XSS) vulnerabilities in the Mobile Tools module 6.x-2.x before 6.x-2.3 for Drupal allow remote attackers to inject arbitrary web script or HTML via the (1) Mobile URL f…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2717
|
2024-11-21 10:39 |
2012-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302707
|
- |
|
shlomi_fish
|
config-inifiles
|
The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these detai…
|
NVD-CWE-Other
|
CVE-2012-2451
|
2024-11-21 10:39 |
2012-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302708
|
- |
|
strongswan
|
strongswan
|
The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
|
CWE-287
Improper Authentication
|
CVE-2012-2388
|
2024-11-21 10:39 |
2012-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302709
|
- |
|
google
|
chrome
|
Integer overflow in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted data in the Matroska container format.
|
CWE-189
Numeric Errors
|
CVE-2012-2834
|
2024-11-21 10:39 |
2012-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302710
|
- |
|
google
|
chrome
|
Buffer overflow in the JS API in the PDF functionality in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2833
|
2024-11-21 10:39 |
2012-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
