|
302611
|
- |
|
redmine
|
redmine
|
Redmine before 1.3.2 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set attributes in the (1) Comment, (2) Document, (3) Iss…
|
CWE-255
Credentials Management
|
CVE-2012-2054
|
2024-11-21 10:38 |
2012-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302612
|
- |
|
f5
|
firepass
|
The sudoers file in the Linux system configuration in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 does not require a password for executing commands as root, which allows local users to gain privileges…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2053
|
2024-11-21 10:38 |
2012-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302613
|
- |
|
socialcms
|
socialcms
|
Cross-site scripting (XSS) vulnerability in my_admin/admin1_list_pages.php in SocialCMS 1.0.2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the TR_title par…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1982
|
2024-11-21 10:38 |
2012-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302614
|
- |
|
privawall
|
privawall_antivirus
|
The scanner engine in PrivaWall Antivirus 5.6 and earlier does not recognize the Office XML (aka Open Document XML) file format, which allows remote attackers to bypass malware detection via a crafte…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1907
|
2024-11-21 10:38 |
2012-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302615
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of servic…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1904
|
2024-11-21 10:38 |
2012-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302616
|
- |
|
opera
|
opera_browser
|
Opera before 11.62 on UNIX, when used in conjunction with an unspecified printing application, allows local users to overwrite arbitrary files via a symlink attack on a temporary file during printing.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1931
|
2024-11-21 10:38 |
2012-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302617
|
- |
|
opera
|
opera_browser
|
Opera before 11.62 on UNIX uses world-readable permissions for temporary files during printing, which allows local users to obtain sensitive information by reading these files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1930
|
2024-11-21 10:38 |
2012-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302618
|
- |
|
opera
|
opera_browser
|
Opera before 11.62 on Mac OS X allows remote attackers to spoof the address field and security dialogs via crafted styling that causes page content to be displayed outside of the intended content are…
|
CWE-20
Improper Input Validation
|
CVE-2012-1929
|
2024-11-21 10:38 |
2012-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302619
|
- |
|
opera
|
opera_browser
|
Opera before 11.62 allows remote attackers to spoof the address field by triggering a page reload followed by a redirect to a different domain.
|
CWE-20
Improper Input Validation
|
CVE-2012-1928
|
2024-11-21 10:38 |
2012-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302620
|
- |
|
opera
|
opera_browser
|
Opera before 11.62 allows remote attackers to spoof the address field by triggering the launch of a dialog window associated with a different domain.
|
CWE-20
Improper Input Validation
|
CVE-2012-1927
|
2024-11-21 10:38 |
2012-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
