261021
|
- |
|
pythonpaste
|
paste
|
Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leverag…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0878
|
2013-04-2 12:15 |
2012-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261022
|
- |
|
novell
|
groupwise
|
Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitr…
|
CWE-189
Numeric Errors
|
CVE-2012-0271
|
2013-04-2 12:14 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261023
|
- |
|
novell
|
groupwise
|
Per: http://www.novell.com/support/kb/doc.php?id=7010769
"Previous versions of GroupWise are likely also vulnerable but are no longer supported."
|
CWE-189
Numeric Errors
|
CVE-2012-0271
|
2013-04-2 12:14 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261024
|
- |
|
symantec
|
liveupdate_administrator
|
Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions (Everyone: Full Control) for the installation directory, which allows local users to gain privileges via a Trojan horse file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0304
|
2013-04-2 12:14 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261025
|
- |
|
novell
|
groupwise
|
Directory traversal vulnerability in WebAccess in Novell GroupWise before 8.03 allows remote attackers to read arbitrary files via the User.interface parameter.
|
CWE-22
Path Traversal
|
CVE-2012-0410
|
2013-04-2 12:14 |
2012-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261026
|
- |
|
siemens
|
cp_1604_firmware cp_1616_firmware cp_1604 cp_1616
|
The debugging feature on the Siemens CP 1604 and CP 1616 interface cards with firmware before 2.5.2 allows remote attackers to execute arbitrary code via a crafted packet to UDP port 17185.
|
NVD-CWE-noinfo
|
CVE-2013-0659
|
2013-04-2 01:55 |
2013-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261027
|
- |
|
asterisk
|
open_source certified_asterisk business_edition digiumphones
|
The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x …
|
CWE-200
Information Exposure
|
CVE-2013-2264
|
2013-04-2 01:55 |
2013-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261028
|
- |
|
asterisk
|
open_source certified_asterisk digiumphones
|
main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2686
|
2013-04-2 01:55 |
2013-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261029
|
- |
|
coreftp
|
coreftp
|
Multiple buffer overflows in Core FTP before 2.2 build 1769 allow remote FTP servers to execute arbitrary code or cause a denial of service (application crash) via a long directory name in a (1) DELE…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0130
|
2013-03-30 02:42 |
2013-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261030
|
- |
|
novell
|
zenworks_mobile_management
|
Directory traversal vulnerability in DUSAP.php in Novell ZENworks Mobile Management before 2.7.1 allows remote attackers to include and execute arbitrary local files via the language parameter.
|
CWE-22
Path Traversal
|
CVE-2013-1082
|
2013-03-30 02:29 |
2013-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|