|
302191
|
- |
|
hp
|
operations_agent
|
Unspecified vulnerability in HP Operations Agent before 11.03.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1325.
|
NVD-CWE-noinfo
|
CVE-2012-2019
|
2024-11-21 10:38 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302192
|
- |
|
apache
|
org.apache.sling.servlets.post
|
The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle before 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which al…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2138
|
2024-11-21 10:38 |
2012-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302193
|
- |
|
php
|
php
|
Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash)…
|
CWE-189
Numeric Errors
|
CVE-2012-2386
|
2024-11-21 10:38 |
2012-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302194
|
- |
|
hp
|
network_node_manager_i
|
Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 8.x, 9.0x, and 9.1x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2018
|
2024-11-21 10:38 |
2012-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302195
|
- |
|
rsa
|
access_manager_server
access_manager_agent
|
EMC RSA Access Manager Server 6.x before 6.1 SP4 and RSA Access Manager Agent do not properly validate session tokens after a logout, which might allow remote attackers to conduct replay attacks via …
|
CWE-287
Improper Authentication
|
CVE-2012-2281
|
2024-11-21 10:38 |
2012-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302196
|
- |
|
postgresql
freebsd
php
debian
|
postgresql
freebsd
php
debian_linux
|
The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contai…
|
CWE-310
Cryptographic Issues
|
CVE-2012-2143
|
2024-11-21 10:38 |
2012-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302197
|
- |
|
fedoraproject
|
anaconda
|
The bootloader configuration module (pyanaconda/bootloader.py) in Anaconda uses 755 permissions for /etc/grub.d, which allows local users to obtain password hashes and conduct brute force password gu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2314
|
2024-11-21 10:38 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302198
|
- |
|
ibm
|
websphere_portal
|
Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote attackers to read arbitrary files via a crafted URL.
|
CWE-22
Path Traversal
|
CVE-2012-2181
|
2024-11-21 10:38 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302199
|
- |
|
pidgin
|
pidgin
|
msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service (application crash) by plac…
|
CWE-20
Improper Input Validation
|
CVE-2012-2318
|
2024-11-21 10:38 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302200
|
- |
|
pidgin
|
pidgin
|
proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (applicat…
|
CWE-399
Resource Management Errors
|
CVE-2012-2214
|
2024-11-21 10:38 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
