| Max CVSS | 9.3 | Min CVSS | 1.2 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-3417 | 4.0 |
The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny.
|
13-02-2023 - 04:34 | 13-08-2012 - 20:55 | |
| CVE-2012-2124 | 5.0 |
functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP
|
13-02-2023 - 04:33 | 18-01-2013 - 11:48 | |
| CVE-2012-2370 | 5.0 |
Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a h
|
13-02-2023 - 04:33 | 13-08-2012 - 20:55 | |
| CVE-2011-2722 | 1.2 |
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing (HPLIP) 3.x before 3.11.10 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hpcupsfax.out temporary file.
|
13-02-2023 - 01:20 | 25-05-2012 - 20:55 | |
| CVE-2012-4452 | 2.1 |
MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated
|
13-02-2023 - 00:26 | 09-10-2012 - 23:55 | |
| CVE-2012-3359 | 3.7 |
Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows attackers to gain privileges by accessing this cookie. NOTE: this issue has been SPLIT due to different vulnerability ty
|
13-02-2023 - 00:25 | 31-03-2014 - 14:58 | |
| CVE-2011-4339 | 3.6 |
ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users
|
03-02-2022 - 19:59 | 15-12-2011 - 03:57 | |
| CVE-2012-2687 | 2.6 |
Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to in
|
06-06-2021 - 11:15 | 22-08-2012 - 19:55 | |
| CVE-2013-0769 | 9.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey be
|
11-08-2020 - 13:09 | 13-01-2013 - 20:55 | |
| CVE-2012-4291 | 3.3 |
The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
|
30-10-2018 - 16:27 | 16-08-2012 - 10:38 | |
| CVE-2007-6067 | 6.8 |
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of se
|
15-10-2018 - 21:49 | 09-01-2008 - 21:46 | |
| CVE-2009-2473 | 4.3 |
neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large numbe
|
19-09-2017 - 01:29 | 21-08-2009 - 17:30 | |
| CVE-2012-2141 | 3.5 |
Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and snmpd crash) via an SNMP GET request for an entry
|
29-08-2017 - 01:31 | 14-08-2012 - 22:55 | |
| CVE-2012-2697 | 4.9 |
Unspecified vulnerability in autofs, as used in Red Hat Enterprise Linux (RHEL) 5, allows local users to cause a denial of service (autofs crash and delayed mounts) or prevent "mount expiration" via unspecified vectors related to "using an LDAP-based
|
08-12-2016 - 03:02 | 24-02-2013 - 21:55 | |
| CVE-2012-4522 | 5.0 |
The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path.
|
04-05-2013 - 03:20 | 24-11-2012 - 20:55 | |
| CVE-2011-4966 | 6.0 |
modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired passwo
|
19-03-2013 - 12:35 | 12-03-2013 - 23:55 | |
| CVE-2012-2693 | 3.7 |
libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to acces
|
15-01-2013 - 04:30 | 17-06-2012 - 03:41 |