|
301741
|
- |
|
libguestfs
|
libguestfs
|
virt-edit in libguestfs before 1.18.0 does not preserve the permissions from the original file and saves the new file with world-readable permissions when editing, which might allow local guest users…
|
CWE-255
Credentials Management
|
CVE-2012-2690
|
2024-11-21 10:39 |
2012-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301742
|
- |
|
redhat
|
sos
|
The sosreport utility in the Red Hat sos package before 2.2-29 does not remove the root user password information from the Kickstart configuration file (/root/anaconda-ks.cfg) when creating an archiv…
|
CWE-255
Credentials Management
|
CVE-2012-2664
|
2024-11-21 10:39 |
2012-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301743
|
- |
|
mikel_olasagasti
|
revelation
|
Revelation 0.4.13-2 and earlier does not iterate through SHA hashing algorithms for AES encryption, which makes it easier for context-dependent attackers to guess passwords via a brute force attack.
|
CWE-255
Credentials Management
|
CVE-2012-2743
|
2024-11-21 10:39 |
2012-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301744
|
- |
|
mikel_olasagasti
|
revelation
|
Revelation 0.4.13-2 and earlier uses only the first 32 characters of a password followed by a sequence of zeros, which reduces the entropy and makes it easier for context-dependent attackers to crack…
|
CWE-255
Credentials Management
|
CVE-2012-2742
|
2024-11-21 10:39 |
2012-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301745
|
- |
|
mathew_winstone
|
mobile_tools
|
Multiple cross-site scripting (XSS) vulnerabilities in the Mobile Tools module 6.x-2.x before 6.x-2.3 for Drupal allow remote attackers to inject arbitrary web script or HTML via the (1) Mobile URL f…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2717
|
2024-11-21 10:39 |
2012-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301746
|
- |
|
shlomi_fish
|
config-inifiles
|
The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these detai…
|
NVD-CWE-Other
|
CVE-2012-2451
|
2024-11-21 10:39 |
2012-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301747
|
- |
|
strongswan
|
strongswan
|
The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
|
CWE-287
Improper Authentication
|
CVE-2012-2388
|
2024-11-21 10:39 |
2012-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301748
|
- |
|
google
|
chrome
|
Integer overflow in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted data in the Matroska container format.
|
CWE-189
Numeric Errors
|
CVE-2012-2834
|
2024-11-21 10:39 |
2012-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301749
|
- |
|
google
|
chrome
|
Buffer overflow in the JS API in the PDF functionality in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2833
|
2024-11-21 10:39 |
2012-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301750
|
- |
|
google
|
chrome
|
The image-codec implementation in the PDF functionality in Google Chrome before 20.0.1132.43 does not initialize an unspecified pointer, which allows remote attackers to cause a denial of service or …
|
NVD-CWE-Other
|
CVE-2012-2832
|
2024-11-21 10:39 |
2012-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
