| Page(s) : 1 ... 261 262 263 264 265 266 267 268 269 270 [271] 272 273 274 275 276 277 278 279 280 281 ... | Result(s) : 8825 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 3.6 | 2012-11-18 | CVE-2012-4417 | cve | GlusterFS 3.3.0, as used in Red Hat Storage server 2.0, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names. |
| 2.6 | 2012-11-17 | CVE-2012-5914 | cve | Multiple cross-site scripting (XSS) vulnerabilities in the sed_import function in system/functions.php in Neocrome Seditio build 160 and 161 allow remote attackers to inject arb... |
| 3.5 | 2012-11-15 | CVE-2012-4954 | cve | The edit-profile page in Vanilla Forums before 2.1a32 allows remote authenticated users to modify arbitrary profile settings by replacing the UserID value during a man-in-the-mi... |
| 2.1 | 2012-11-13 | CVE-2012-2531 | cve | Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Pass... |
| 3.5 | 2012-11-11 | CVE-2012-4730 | cve | Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users with ModifySelf or AdminUser privileges to inject arbitrary email headers and c... |
| 3.6 | 2012-11-03 | CVE-2012-3750 | cve | The Passcode Lock implementation in Apple iOS before 6.0.1 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode re... |
| 2.1 | 2012-11-02 | CVE-2012-4497 | cve | Cross-site scripting (XSS) vulnerability in the "3 slide gallery" in the Elegant Theme module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "admin... |
| 2.1 | 2012-11-02 | CVE-2012-4493 | cve | Cross-site scripting (XSS) vulnerability in the administrative interface in the Better Revisions module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with ... |
| 2.1 | 2012-11-01 | CVE-2012-5705 | cve | Cross-site scripting (XSS) vulnerability in the settings page (admin/settings/hotblocks) in the Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated us... |
| 3.5 | 2012-11-01 | CVE-2012-5704 | cve | The Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the "administer hotblocks" permission to cause a denial of service (infinite loop a... |
| 2.1 | 2012-10-31 | CVE-2012-4544 | cve | The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk (1) before or (2) after decompression, which allows local guest administrators t... |
| 3.5 | 2012-10-31 | CVE-2012-4500 | cve | The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with the "access announcements" permission to bypass node access restrictions and po... |
| 2.1 | 2012-10-31 | CVE-2012-4496 | cve | Cross-site scripting (XSS) vulnerability in the Custom Publishing Options module 6.x-1.x before 6.x-1.4 for Drupal allows remote authenticated users with the "administer nodes" ... |
| 2.1 | 2012-10-31 | CVE-2012-4492 | cve | Multiple cross-site scripting (XSS) vulnerabilities in the Shorten URLs module 6.x-1.x before 6.x-1.13 and 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users wit... |
| 2.7 | 2012-10-31 | CVE-2012-2625 | cve | The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service (memory consu... |
| 3.5 | 2012-10-31 | CVE-2012-4934 | cve | TomatoCart 1.1.7, when the PayPal Express Checkout module is enabled in sandbox mode, allows remote authenticated users to bypass intended payment requirements by modifying a ce... |
| 3.3 | 2012-10-31 | CVE-2012-4610 | cve | EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging ... |
| 3.5 | 2012-10-25 | CVE-2012-5339 | cve | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name o... |
| 3.5 | 2012-10-24 | CVE-2012-5388 | cve | Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the White Label CMS plugin 1.5 for WordPress allows remote authenticated administrators to inject arbitrary web s... |
| 3.6 | 2012-10-22 | CVE-2012-4518 | cve | ibacm 1.0.7 creates files with world-writable permissions, which allows local users to overwrite the ib_acm daemon log or ibacm.port file. |
| Page(s) : 1 ... 261 262 263 264 265 266 267 268 269 270 [271] 272 273 274 275 276 277 278 279 280 281 ... | Result(s) : 8825 |
