257111
|
- |
|
standards_based_linux_instrumentation
|
sblim-sfcb
|
sfcb in sblim-sfcb places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
|
NVD-CWE-Other
|
CVE-2012-3381
|
2012-08-17 23:20 |
2012-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257112
|
- |
|
ez
|
ezjscore
|
Cross-site scripting (XSS) vulnerability in the textEncode function in classes/ezjscajaxcontent.php in eZ JS Core in eZ Publish before 1.5 allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1597
|
2012-08-17 13:00 |
2012-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257113
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1908
|
2012-08-17 13:00 |
2012-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257114
|
- |
|
openstack
|
essex folsom
|
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to wr…
|
CWE-22
Path Traversal
|
CVE-2012-3360
|
2012-08-17 12:53 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257115
|
- |
|
openstack
|
diablo essex folsom
|
virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3361
|
2012-08-17 12:53 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257116
|
- |
|
siemens
|
comos
|
Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3009
|
2012-08-16 19:38 |
2012-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257117
|
- |
|
sybase
|
easerver
|
Cross-site scripting (XSS) vulnerability in Sybase EAServer before 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4340
|
2012-08-16 13:00 |
2012-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257118
|
- |
|
menalto
|
gallery
|
Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow attackers to execute arbitrary PHP code via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2012-4343
|
2012-08-16 13:00 |
2012-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257119
|
- |
|
spip
|
spip
|
Multiple unspecified vulnerabilities in SPIP before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 have unknown impact and attack vectors that are not related to cross-site scripting (XSS), di…
|
NVD-CWE-noinfo
|
CVE-2012-4331
|
2012-08-16 05:10 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257120
|
- |
|
ubercart
|
ubercart
|
Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal allow remote authenticated users with the administer product cl…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2300
|
2012-08-16 03:47 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|