|
301661
|
- |
|
symantec
|
web_gateway
|
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary commands via crafted input to application scripts.
|
CWE-78
OS Command
|
CVE-2012-2953
|
2024-11-21 10:40 |
2012-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301662
|
- |
|
wordpress
|
wordpress
|
WordPress before 3.4.1 does not properly restrict access to post contents such as private or draft posts, which allows remote authors or contributors to obtain sensitive information via unknown vecto…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3385
|
2024-11-21 10:40 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301663
|
- |
|
wordpress
|
wordpress
|
Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress before 3.4.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2012-3384
|
2024-11-21 10:40 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301664
|
- |
|
wordpress
|
wordpress
|
The map_meta_cap function in wp-includes/capabilities.php in WordPress 3.4.x before 3.4.2, when the multisite feature is enabled, does not properly assign the unfiltered_html capability, which allows…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3383
|
2024-11-21 10:40 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301665
|
- |
|
openstack
|
essex
folsom
diablo
|
virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3361
|
2024-11-21 10:40 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301666
|
- |
|
openstack
|
essex
folsom
|
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to wr…
|
CWE-22
Path Traversal
|
CVE-2012-3360
|
2024-11-21 10:40 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301667
|
- |
|
viewvc
|
viewvc
|
The SVN revision view (lib/vclib/svn/svn_repos.py) in ViewVC before 1.1.15 does not properly handle log messages when a readable path is copied from an unreadable path, which allows remote attackers …
|
CWE-200
Information Exposure
|
CVE-2012-3357
|
2024-11-21 10:40 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301668
|
- |
|
viewvc
|
viewvc
|
The remote SVN views functionality (lib/vclib/svn/svn_ra.py) in ViewVC before 1.1.15 does not properly perform authorization, which allows remote attackers to bypass intended access restrictions via …
|
CWE-287
Improper Authentication
|
CVE-2012-3356
|
2024-11-21 10:40 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301669
|
- |
|
php
|
php
|
The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3365
|
2024-11-21 10:40 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301670
|
- |
|
osisoft
|
pi_opc_da_interface
|
Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associa…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3008
|
2024-11-21 10:40 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
