260921
|
- |
|
ge
|
intelligent_platforms_proficy_real-time_information_portal
|
rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruptio…
|
CWE-20
Improper Input Validation
|
CVE-2012-3026
|
2013-04-13 11:55 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260922
|
- |
|
trendmicro
|
interscan_messaging_security_suite
|
Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allow remote attackers to inject arbitrary web script or HTML via (1) the wr…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2995
|
2013-04-13 11:54 |
2012-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260923
|
- |
|
trendmicro
|
interscan_messaging_security_suite
|
Cross-site request forgery (CSRF) vulnerability in saveAccountSubTab.imss in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allows remote attackers to hijack the authentication o…
|
CWE-352
Origin Validation Error
|
CVE-2012-2996
|
2013-04-13 11:54 |
2012-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260924
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, …
|
CWE-20
Improper Input Validation
|
CVE-2013-1172
|
2013-04-11 19:55 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260925
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
Heap-based buffer overflow in ciscod.exe in the Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) allows local users to gain privileges via unspecified vec…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1173
|
2013-04-11 19:55 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260926
|
- |
|
cisco
|
ubr10012
|
Cisco Universal Broadband (aka uBR) 10000 series routers, when an IPv4/IPv6 dual-stack modem is used, allow remote attackers to cause a denial of service (routing-engine reload) via unspecified chang…
|
CWE-20
Improper Input Validation
|
CVE-2013-1189
|
2013-04-11 19:55 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260927
|
- |
|
redhat
|
openstack_essex openstack_folsom
|
Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6120
|
2013-04-11 13:00 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260928
|
- |
|
privoxy
|
privoxy
|
Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended…
|
CWE-20
Improper Input Validation
|
CVE-2013-2503
|
2013-04-11 12:33 |
2013-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260929
|
- |
|
ovirt
|
sanlock
|
The setup_logging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restricti…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5638
|
2013-04-11 12:32 |
2012-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260930
|
- |
|
mcafee
|
email_gateway
|
Directory traversal vulnerability in McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 allows remote authenticated users to bypass intended access restrictions and download arbitrary files via a crafted URL.
|
CWE-22
Path Traversal
|
CVE-2012-4596
|
2013-04-11 12:31 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|