|
302521
|
- |
|
openstack
|
horizon
|
Session fixation vulnerability in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie.
|
NVD-CWE-Other
|
CVE-2012-2144
|
2024-11-21 10:38 |
2012-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302522
|
- |
|
openstack
|
horizon
|
Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 and earlier allows rem…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2094
|
2024-11-21 10:38 |
2012-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302523
|
- |
|
sympa
|
sympa
|
The archive management (arc_manage) page in wwsympa/wwsympa.fcgi.in in Sympa before 6.1.11 does not check permissions, which allows remote attackers to list, read, and delete arbitrary list archives …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2352
|
2024-11-21 10:38 |
2012-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302524
|
- |
|
puppet
fedoraproject
debian
canonical
|
puppet
puppet_enterprise
fedora
debian_linux
ubuntu_linux
|
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-crea…
|
CWE-78
OS Command
|
CVE-2012-1988
|
2024-11-21 10:38 |
2012-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302525
|
- |
|
puppet
puppetlabs
|
puppet
puppet_enterprise
puppet_enterprise_users
|
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with an authorized SSL key and ce…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1986
|
2024-11-21 10:38 |
2012-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302526
|
- |
|
puppet
puppetlabs
|
puppet
puppet_enterprise
puppet_enterprise_users
|
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1906
|
2024-11-21 10:38 |
2012-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302527
|
- |
|
puppet
puppetlabs
|
puppet
puppet_enterprise
puppet_enterprise_users
|
Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with…
|
NVD-CWE-noinfo
|
CVE-2012-1987
|
2024-11-21 10:38 |
2012-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302528
|
- |
|
sitracker
|
support_incident_tracker
|
Cross-site scripting (XSS) vulnerability in Support Incident Tracker (SiT!) 3.65 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter to index.php, which is…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2235
|
2024-11-21 10:38 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302529
|
- |
|
ibm
|
lotus_quickr
|
Multiple stack-based buffer overflows in a certain ActiveX control in qp2.cab in IBM Lotus Quickr 8.2 before 8.2.0.27-002a for Domino allow remote attackers to execute arbitrary code via a long argum…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2176
|
2024-11-21 10:38 |
2012-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302530
|
- |
|
adobe
|
illustrator
illustrator_cs5.5
|
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-201…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2042
|
2024-11-21 10:38 |
2012-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
