Total
9117 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-5644 | 4 Debian, Fedoraproject, Libuser Project and 1 more | 4 Debian Linux, Fedora, Libuser and 1 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| libuser has information disclosure when moving user's home directory | |||||
| CVE-2012-5639 | 3 Apache, Debian, Libreoffice | 3 Openoffice, Debian Linux, Libreoffice | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| LibreOffice and OpenOffice automatically open embedded content | |||||
| CVE-2012-5577 | 2 Debian, Python | 2 Debian Linux, Keyring | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Python keyring lib before 0.10 created keyring files with world-readable permissions. | |||||
| CVE-2012-5521 | 3 Debian, Quagga, Redhat | 3 Debian Linux, Quagga, Enterprise Linux | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal | |||||
| CVE-2012-5476 | 2 Debian, Openstack | 2 Debian Linux, Horizon | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value. | |||||
| CVE-2012-5474 | 4 Debian, Fedoraproject, Openstack and 1 more | 4 Debian Linux, Fedora, Horizon and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value. | |||||
| CVE-2012-4576 | 2 Debian, Freebsd | 2 Debian Linux, Freebsd | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| FreeBSD: Input Validation Flaw allows local users to gain elevated privileges | |||||
| CVE-2012-4428 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| openslp: SLPIntersectStringList()' Function has a DoS vulnerability | |||||
| CVE-2012-4385 | 2 Debian, Trilexnet | 2 Debian Linux, Letodms | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| letodms 3.3.6 has CSRF via change password | |||||
| CVE-2012-4384 | 2 Debian, Trilexnet | 2 Debian Linux, Letodms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| letodms has multiple XSS issues: Reflected XSS in Login Page, Stored XSS in Document Owner/User name, Stored XSS in Calendar | |||||
| CVE-2012-3543 | 3 Canonical, Debian, Mono-project | 3 Ubuntu Linux, Debian Linux, Mono | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| mono 2.10.x ASP.NET Web Form Hash collision DoS | |||||
| CVE-2012-3409 | 2 Debian, Ecryptfs | 2 Debian Linux, Ecryptfs-utils | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation | |||||
| CVE-2012-2736 | 4 Canonical, Debian, Gnome and 1 more | 4 Ubuntu Linux, Debian Linux, Networkmanager and 1 more | 2024-11-21 | 3.3 LOW | 4.4 MEDIUM |
| In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network. | |||||
| CVE-2012-2350 | 2 Debian, Pam Shield Project | 2 Debian Linux, Pam Shield | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| pam_shield before 0.9.4: Default configuration does not perform protective action | |||||
| CVE-2012-2248 | 2 Debian, Dhclient Project | 2 Debian Linux, Dhclient | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable. | |||||
| CVE-2012-2237 | 2 Debian, Mahara | 2 Debian Linux, Mahara | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x before 1.4.3 and 1.5.x before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) javascript innerHTML as used when generating login forms, (2) links or (3) resources URLs, and (4) the Display name in a user profile. | |||||
| CVE-2012-2130 | 3 Debian, Fedoraproject, Polarssl | 3 Debian Linux, Fedora, Polarssl | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
| A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys. | |||||
| CVE-2012-1577 | 3 Debian, Dietlibc Project, Openbsd | 3 Debian Linux, Dietlibc, Openbsd | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0. | |||||
| CVE-2012-1572 | 2 Debian, Openstack | 2 Debian Linux, Keystone | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space | |||||
| CVE-2012-1155 | 4 Debian, Fedoraproject, Moodle and 1 more | 4 Debian Linux, Fedora, Moodle and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to | |||||