| Page(s) : 1 ... 271 272 273 274 275 276 277 278 279 280 [281] 282 283 284 285 286 287 288 289 290 291 ... | Result(s) : 8826 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 3.5 | 2012-08-12 | CVE-2012-3476 | cve | Multiple cross-site scripting (XSS) vulnerabilities in (1) application/views/admin/layout.php and (2) themes/default/views/header.php in the Ushahidi Platform before 2.5 allow r... |
| 2.6 | 2012-08-11 | CVE-2012-3952 | cve | Cross-site scripting (XSS) vulnerability in admin/index.php in phpList before 2.10.19 allows remote attackers to inject arbitrary web script or HTML via the unconfirmed paramete... |
| 2.1 | 2012-08-11 | CVE-2012-3457 | cve | PNP4Nagios 0.6 through 0.6.16 uses world-readable permissions for process_perfdata.cfg, which allows local users to obtain the Gearman shared secret by reading the file. |
| 2.1 | 2012-08-08 | CVE-2012-0421 | cve | The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager and Spacewalk uses world-readable permissions for /etc/auditlog-keeper.conf, which allows local users to o... |
| 2.1 | 2012-08-08 | CVE-2011-4922 | cve | cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by r... |
| 3.6 | 2012-08-07 | CVE-2012-3454 | cve | eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/extplorer/ftp_tmp directory, which allows local users to delete or overwrite arbitrary files. |
| 3.6 | 2012-08-07 | CVE-2012-3453 | cve | logol 1.5.0 uses world writable permissions for the /var/lib/logol/results directory, which allows local users to delete or overwrite arbitrary files. |
| 3.3 | 2012-08-07 | CVE-2012-3452 | cve | gnome-screensaver 3.4.x before 3.4.4 and 3.5.x before 3.5.4, when multiple screens are used, only locks the screen with the active focus, which allows physically proximate attac... |
| 3.6 | 2012-08-07 | CVE-2012-3449 | cve | Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows loca... |
| 3.5 | 2012-08-07 | CVE-2012-3445 | cve | The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to c... |
| 3.5 | 2012-08-06 | CVE-2012-1344 | cve | Cisco IOS 15.1 and 15.2, when a clientless SSL VPN is configured, allows remote authenticated users to cause a denial of service (device reload) by using a web browser to refres... |
| 2.1 | 2012-08-06 | CVE-2012-3866 | cve | lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sens... |
| 3.5 | 2012-08-06 | CVE-2012-3865 | cve | Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in a... |
| 2.6 | 2012-08-06 | CVE-2012-3450 | cve | pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly determine the end of the query string during parsing of prepared statements,... |
| 2.6 | 2012-08-06 | CVE-2012-3408 | cve | lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, supports use of IP addresses in certnames without warning of potential risks, which ... |
| 3.5 | 2012-08-06 | CVE-2012-1370 | cve | Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 allows remote authenticated users to cause a denial of service (vpnagentd process crash) via a crafted packet, aka B... |
| 3.5 | 2012-07-27 | CVE-2012-2202 | cve | Directory traversal vulnerability in javatester_init.php in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System all... |
| 3.7 | 2012-07-26 | CVE-2011-2503 | cve | The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it... |
| 3.5 | 2012-07-25 | CVE-2012-2310 | cve | Cross-site scripting (XSS) vulnerability in the cctags module for Drupal 6.x-1.x before 6.x-1.10 and 7.x-1.x before 7.x-1.10 allows remote authenticated users with certain roles... |
| 3.5 | 2012-07-25 | CVE-2012-2309 | cve | Cross-site scripting (XSS) vulnerability in the Glossify Internal Links Auto SEO module for Drupal 6.x-2.5 and earlier allows remote authenticated users with certain roles to in... |
| Page(s) : 1 ... 271 272 273 274 275 276 277 278 279 280 [281] 282 283 284 285 286 287 288 289 290 291 ... | Result(s) : 8826 |
