|
301411
|
- |
|
torproject
|
tor
|
The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemo…
|
NVD-CWE-noinfo
|
CVE-2012-4419
|
2024-11-21 10:42 |
2012-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301412
|
- |
|
isc
|
bind
|
ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and na…
|
NVD-CWE-noinfo
|
CVE-2012-4244
|
2024-11-21 10:42 |
2012-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301413
|
- |
|
moinmo
|
moinmoin
|
security/__init__.py in MoinMoin 1.9 through 1.9.4 does not properly handle group names that contain virtual group names such as "All," "Known," or "Trusted," which allows remote authenticated users …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4404
|
2024-11-21 10:42 |
2012-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301414
|
- |
|
cybozu
|
kunai
|
The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application th…
|
CWE-200
Information Exposure
|
CVE-2012-4012
|
2024-11-21 10:42 |
2012-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301415
|
- |
|
cybozu
|
kunai
|
The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site.
|
CWE-78
OS Command
|
CVE-2012-4011
|
2024-11-21 10:42 |
2012-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301416
|
- |
|
php
canonical
debian
|
php
ubuntu_linux
debian_linux
|
The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote at…
|
CWE-20
Improper Input Validation
|
CVE-2012-4388
|
2024-11-21 10:42 |
2012-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301417
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) calendar displayname to part.choosecalendar.rowf…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4397
|
2024-11-21 10:42 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301418
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in index.php in ownCloud before 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the redirect_url parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4395
|
2024-11-21 10:42 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301419
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) file names to apps/user_ldap/settings.php; (2) u…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4396
|
2024-11-21 10:42 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301420
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in apps/files/js/filelist.js in ownCloud before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4394
|
2024-11-21 10:42 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
