|
260581
|
- |
|
trendmicro
|
interscan_messaging_security_suite
|
Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allow remote attackers to inject arbitrary web script or HTML via (1) the wr…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2995
|
2013-04-13 11:54 |
2012-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260582
|
- |
|
trendmicro
|
interscan_messaging_security_suite
|
Cross-site request forgery (CSRF) vulnerability in saveAccountSubTab.imss in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allows remote attackers to hijack the authentication o…
|
CWE-352
Origin Validation Error
|
CVE-2012-2996
|
2013-04-13 11:54 |
2012-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260583
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, …
|
CWE-20
Improper Input Validation
|
CVE-2013-1172
|
2013-04-11 19:55 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260584
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
Heap-based buffer overflow in ciscod.exe in the Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) allows local users to gain privileges via unspecified vec…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1173
|
2013-04-11 19:55 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260585
|
- |
|
cisco
|
ubr10012
|
Cisco Universal Broadband (aka uBR) 10000 series routers, when an IPv4/IPv6 dual-stack modem is used, allow remote attackers to cause a denial of service (routing-engine reload) via unspecified chang…
|
CWE-20
Improper Input Validation
|
CVE-2013-1189
|
2013-04-11 19:55 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260586
|
- |
|
redhat
|
openstack_essex
openstack_folsom
|
Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6120
|
2013-04-11 13:00 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260587
|
- |
|
privoxy
|
privoxy
|
Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended…
|
CWE-20
Improper Input Validation
|
CVE-2013-2503
|
2013-04-11 12:33 |
2013-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260588
|
- |
|
ovirt
|
sanlock
|
The setup_logging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restricti…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5638
|
2013-04-11 12:32 |
2012-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260589
|
- |
|
mcafee
|
email_gateway
|
Directory traversal vulnerability in McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 allows remote authenticated users to bypass intended access restrictions and download arbitrary files via a crafted URL.
|
CWE-22
Path Traversal
|
CVE-2012-4596
|
2013-04-11 12:31 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260590
|
- |
|
cisco
|
ios
|
The SIP ALG feature in the NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CS…
|
CWE-399
Resource Management Errors
|
CVE-2012-4618
|
2013-04-11 12:31 |
2012-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
