257201
|
- |
|
justin_ellison
|
node_gallery
|
Cross-site request forgery (CSRF) vulnerability in the Node Gallery module for Drupal 6.x-3.1 and earlier allows remote attackers to hijack the authentication of certain users for requests that creat…
|
CWE-352
Origin Validation Error
|
CVE-2012-2305
|
2012-08-9 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257202
|
- |
|
wordpress
|
wordpress
|
Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress before 3.4.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2012-3384
|
2012-08-9 13:00 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257203
|
- |
|
opera
|
opera_browser
|
Unspecified vulnerability in Opera before 12.00 on Mac OS X has unknown impact and attack vectors, related to a "moderate severity issue."
|
NVD-CWE-noinfo
|
CVE-2012-3559
|
2012-08-9 13:00 |
2012-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257204
|
- |
|
csilvers
|
gperftools
|
Multiple integer overflows in TCMalloc (tcmalloc.cc) in gperftools before 0.4 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large siz…
|
CWE-189
Numeric Errors
|
CVE-2005-4895
|
2012-08-9 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257205
|
- |
|
extplorer
|
extplorer
|
eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/extplorer/ftp_tmp directory, which allows local users to delete or overwrite arbitrary files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3454
|
2012-08-9 00:21 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257206
|
- |
|
novell
|
suse_audit_log_keeper
|
The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager and Spacewalk uses world-readable permissions for /etc/auditlog-keeper.conf, which allows local users to obtain passwords by rea…
|
CWE-200
Information Exposure
|
CVE-2012-0421
|
2012-08-8 19:26 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257207
|
- |
|
apple
|
safari
|
Cross-site scripting (XSS) vulnerability in Apple Safari before 6.0 allows remote attackers to inject arbitrary web script or HTML via a feed:// URL.
|
CWE-79
Cross-site Scripting
|
CVE-2012-0678
|
2012-08-8 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257208
|
- |
|
nancy_wichmann
|
sitedoc
|
Site Documentation (Sitedoc) module for Drupal 6.x-1.x before 6.x-1.4 does not properly check the save location when archiving, which allows remote attackers to obtain sensitive information via unspe…
|
CWE-200
Information Exposure
|
CVE-2012-2302
|
2012-08-8 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257209
|
- |
|
oleg_kovalchuk
|
cctags
|
Cross-site scripting (XSS) vulnerability in the cctags module for Drupal 6.x-1.x before 6.x-1.10 and 7.x-1.x before 7.x-1.10 allows remote authenticated users with certain roles to inject arbitrary w…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2310
|
2012-08-8 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257210
|
- |
|
debian canonical
|
php5-common debian_linux php5 ubuntu_linux
|
The Debian php_crypt_revamped.patch patch for PHP 5.3.x, as used in the php5 package before 5.3.3-7+squeeze4 in Debian GNU/Linux squeeze, the php5 package before 5.3.2-1ubuntu4.17 in Ubuntu 10.04 LTS…
|
CWE-310
Cryptographic Issues
|
CVE-2012-2317
|
2012-08-8 13:00 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|