259731
|
- |
|
extplorer
|
extplorer
|
Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of administrators for requests that add an administrator account …
|
CWE-352
Origin Validation Error
|
CVE-2012-3362
|
2012-07-27 12:40 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259732
|
- |
|
apple
|
safari
|
WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to read arbitrary files via a crafted web site.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3690
|
2012-07-26 23:23 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259733
|
- |
|
freebsd netbsd
|
freebsd netbsd
|
The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD does not properly allocate memory, which makes it easier for context-dependent attackers to perform memory-…
|
CWE-189
Numeric Errors
|
CVE-2007-6754
|
2012-07-26 21:52 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259734
|
- |
|
kajona
|
kajona
|
Multiple cross-site scripting (XSS) vulnerabilities in the getAllPassedParams function in system/functions.php in Kajona before 3.4.2 allow remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3805
|
2012-07-26 13:00 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259735
|
- |
|
freebsd netbsd
|
freebsd netbsd
|
Integer overflow in the calloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD makes it easier for context-dependent attackers to perform memory-related attacks such a…
|
CWE-189
Numeric Errors
|
CVE-2006-7252
|
2012-07-26 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259736
|
- |
|
wordpress
|
wordpress
|
WordPress before 3.4.1 does not properly restrict access to post contents such as private or draft posts, which allows remote authors or contributors to obtain sensitive information via unknown vecto…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3385
|
2012-07-24 04:03 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259737
|
- |
|
libpng
|
libpng
|
Off-by-one error in the png_formatted_warning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service (application crash) and possibly execute a…
|
CWE-189
Numeric Errors
|
CVE-2011-3464
|
2012-07-23 13:00 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259738
|
- |
|
openbsd
|
openssh
|
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory co…
|
CWE-189
Numeric Errors
|
CVE-2011-5000
|
2012-07-22 12:33 |
2012-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259739
|
- |
|
sayakbanerjee
|
sticky_notes
|
Multiple cross-site scripting (XSS) vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remote attackers to inject arbitrary web script or HTML via the (1) paste_user or (2) paste_lang parame…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3997
|
2012-07-19 13:00 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259740
|
- |
|
sayakbanerjee
|
sticky_notes
|
Multiple SQL injection vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remote attackers to execute arbitrary SQL commands via the (1) paste id in admin/modules/mod_pastes.php or (2) show.…
|
CWE-89
SQL Injection
|
CVE-2012-3998
|
2012-07-19 13:00 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|