|
303371
|
- |
|
emc
|
rsa_archer_smartsuite
rsa_archer_egrc
|
Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 allow remote attackers to inject arbitrary web script or HTML via u…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1064
|
2024-11-21 10:36 |
2013-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303372
|
- |
|
canonical
sebastian_heinlein
|
ubuntu_linux
aptdaemon
|
Aptdaemon 0.43 in Ubuntu 11.10 and 12.04 LTS uses short IDs when importing PPA GPG keys from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-t…
|
NVD-CWE-noinfo
|
CVE-2012-0962
|
2024-11-21 10:36 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303373
|
- |
|
debian
|
apt
advanced_package_tool
|
Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x before 0.8.16~exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable perm…
|
CWE-200
Information Exposure
|
CVE-2012-0961
|
2024-11-21 10:36 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303374
|
- |
|
ps_project_management_team
|
unity-firefox-extension
|
content/unity-api.js in the unity-firefox-extension extension 2.4.1 for Firefox exposes the toDataURL function in an API call, which allows remote attackers to bypass the Same Origin Policy and obtai…
|
NVD-CWE-Other
|
CVE-2012-0958
|
2024-11-21 10:36 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303375
|
- |
|
linux
|
linux_kernel
|
The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with…
|
CWE-16
Configuration
|
CVE-2012-0957
|
2024-11-21 10:36 |
2012-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303376
|
- |
|
ps_project_management_team
|
unity-firefox-extension
|
Unity integration extension (unity-firefox-extension) before 2.4.1 for Firefox does not properly handle callbacks, which allows remote attackers to cause a denial of service (Firefox crash) and possi…
|
CWE-20
Improper Input Validation
|
CVE-2012-0960
|
2024-11-21 10:36 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303377
|
- |
|
remote_login_service_hackers
|
remote_login_service
|
Remote Login Service (RLS) 1.0.0 does not properly clear account information when switching users, which might allow physically proximate users to obtain login credentials.
|
CWE-200
Information Exposure
|
CVE-2012-0959
|
2024-11-21 10:36 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303378
|
- |
|
redhat
|
jboss_enterprise_application_platform
jboss_enterprise_soa_platform
jboss_enterprise_web_platform
jboss_enterprise_brms_platform
|
The JBoss Server in JBoss Enterprise Application Platform 5.1.x before 5.1.2 and 5.2.x before 5.2.2, Web Platform before 5.1.2, BRMS Platform before 5.3.0, and SOA Platform before 5.3.0, when the ser…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1167
|
2024-11-21 10:36 |
2012-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303379
|
- |
|
redhat
|
mod_cluster
jboss_enterprise_application_platform
|
mod_cluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, w…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1154
|
2024-11-21 10:36 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303380
|
- |
|
socialcms
|
socialcms
|
Multiple cross-site request forgery (CSRF) vulnerabilities in SocialCMS 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrator accounts vi…
|
CWE-352
Origin Validation Error
|
CVE-2012-1416
|
2024-11-21 10:36 |
2012-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
