|
261211
|
- |
|
rubinius
|
rubinius
|
Rubinius computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) …
|
CWE-310
Cryptographic Issues
|
CVE-2012-5372
|
2013-02-26 13:51 |
2012-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261212
|
- |
|
cisco
|
prime_data_center_network_manager
|
Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5417
|
2013-02-26 13:51 |
2012-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261213
|
- |
|
sgi
|
performance_co-pilot
|
The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot (PCP) before 3.6.10 allow local users to overwrite arbitrary files via a symlink attack on a /var/tmp/##### temporary file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5530
|
2013-02-26 13:51 |
2012-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261214
|
- |
|
emc
|
rsa_data_protection_manager_software_server
rsa_data_protection_manager_appliance
|
Cross-site scripting (XSS) vulnerability in EMC RSA Data Protection Manager Appliance and Software Server 2.7.x and 3.x before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4612
|
2013-02-26 13:50 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261215
|
- |
|
emc
|
rsa_data_protection_manager_appliance
|
EMC RSA Data Protection Manager Appliance 2.7.x and 3.x before 3.2.1 does not properly restrict the number of authentication attempts by a user account, which makes it easier for local users to bypas…
|
CWE-287
Improper Authentication
|
CVE-2012-4613
|
2013-02-26 13:50 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261216
|
- |
|
bigantsoft
|
bigant_im_message_server
|
SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU (aka search user) request.
|
CWE-89
SQL Injection
|
CVE-2012-6273
|
2013-02-26 03:20 |
2013-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261217
|
- |
|
honeywell
|
enterprise_buildings_integrator
symmetre
comfortpoint_open_manager_station
|
An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R410.2; SymmetrE R310, R410.1, and R410.2; ComfortPoint Open Manager (aka CPO-M)…
|
CWE-94
Code Injection
|
CVE-2013-0108
|
2013-02-25 14:00 |
2013-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261218
|
- |
|
cs-cart
|
cs-cart
|
CS-Cart before 3.0.6, when PayPal Standard Payments is configured, allows remote attackers to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setti…
|
CWE-16
Configuration
|
CVE-2013-0118
|
2013-02-25 14:00 |
2013-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261219
|
- |
|
dell
|
powerconnect_6248p
|
The web interface on Dell PowerConnect 6248P switches allows remote attackers to cause a denial of service (device crash) via a malformed request.
|
CWE-20
Improper Input Validation
|
CVE-2013-0120
|
2013-02-25 14:00 |
2013-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261220
|
- |
|
sourcefabric
|
newscoop
|
Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 4.x through 4.1.0 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) language parameter to app…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0730
|
2013-02-25 14:00 |
2013-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
