|
299941
|
- |
|
tecnick
|
tcexam
|
Multiple SQL injection vulnerabilities in Nicola Asuni TCExam before 11.3.009 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the (1) user_g…
|
CWE-89
SQL Injection
|
CVE-2012-4601
|
2024-11-21 10:43 |
2012-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299942
|
- |
|
xen
|
xen
|
Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments…
|
CWE-399
Resource Management Errors
|
CVE-2012-4539
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299943
|
- |
|
xen
|
xen
|
Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause…
|
CWE-16
Configuration
|
CVE-2012-4537
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299944
|
- |
|
xen
|
xen
|
The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in Xen 2.2 allows local guest OS administrators to cause a denial of service (Xen crash) via a crafted pirq value that triggers an o…
|
NVD-CWE-noinfo
|
CVE-2012-4536
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299945
|
- |
|
xen
|
xen
|
Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inapp…
|
CWE-399
Resource Management Errors
|
CVE-2012-4535
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299946
|
- |
|
mcrypt
|
mcrypt
|
Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name. NOTE: it …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4527
|
2024-11-21 10:43 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299947
|
- |
|
uninett
|
radsecproxy
|
The DTLS support in radsecproxy before 1.6.2 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the ce…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4566
|
2024-11-21 10:43 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299948
|
- |
|
google
|
web_toolkit
|
Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) 2.4 Beta and release candidates before 2.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vector…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4563
|
2024-11-21 10:43 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299949
|
- |
|
uninett
|
radsecproxy
|
radsecproxy before 1.6.1 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, whi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4523
|
2024-11-21 10:43 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299950
|
- |
|
cups-pk-helper_project
|
cups-pk-helper
|
cups-pk-helper before 0.2.3 does not properly wrap the (1) cupsGetFile and (2) cupsPutFile function calls, which allows user-assisted remote attackers to read or overwrite sensitive files using CUPS …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4510
|
2024-11-21 10:43 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
