257311
|
- |
|
gnome
|
gdk-pixbuf
|
The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (…
|
NVD-CWE-Other
|
CVE-2011-2485
|
2012-07-4 01:40 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257312
|
- |
|
apache
|
http_server
|
The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of envi…
|
CWE-20
Improper Input Validation
|
CVE-2011-4415
|
2012-07-3 13:04 |
2011-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257313
|
- |
|
php
|
php
|
The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging pot…
|
CWE-94
Code Injection
|
CVE-2011-3379
|
2012-07-3 13:02 |
2011-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257314
|
- |
|
secureideas
|
basic_analysis_and_security_engine
|
Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE) before 1.4.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[1] parame…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4837
|
2012-07-3 13:00 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257315
|
- |
|
secureideas
|
basic_analysis_and_security_engine
|
SQL injection vulnerability in base_ag_common.php in Basic Analysis and Security Engine (BASE) before 1.4.3.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. NO…
|
CWE-89
SQL Injection
|
CVE-2009-4838
|
2012-07-3 13:00 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257316
|
- |
|
secureideas
|
basic_analysis_and_security_engine
|
Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspeci…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4839
|
2012-07-3 13:00 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257317
|
- |
|
secureideas
|
basic_analysis_and_security_engine
|
Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Security Engine (BASE) before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2007-6156
|
2012-07-3 13:00 |
2007-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257318
|
- |
|
acid secureideas
|
analysis_console_for_intrusion_databases basic_analysis_and_security_engine
|
Multiple SQL injection vulnerabilities in (1) acid_qry_main.php in Analysis Console for Intrusion Databases (ACID) 0.9.6b20 and (2) base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.2,…
|
CWE-89
SQL Injection
|
CVE-2005-3325
|
2012-07-3 13:00 |
2005-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257319
|
- |
|
mikel_olasagasti
|
revelation
|
The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information.
|
CWE-310
Cryptographic Issues
|
CVE-2012-3818
|
2012-07-2 21:36 |
2012-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257320
|
- |
|
webatall
|
web\@all
|
Cross-site scripting (XSS) vulnerability in search.php in web@all 2.0, as downloaded before May 30, 2012, allows remote attackers to inject arbitrary web script or HTML via the _text[title] parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-3232
|
2012-07-2 21:22 |
2012-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|