CVE-2012-2317
- EPSS 2.46%
- Veröffentlicht 07.08.2012 19:55:01
- Zuletzt bearbeitet 16.06.2026 23:41:20
The Debian php_crypt_revamped.patch patch for PHP 5.3.x, as used in the php5 package before 5.3.3-7+squeeze4 in Debian GNU/Linux squeeze, the php5 package before 5.3.2-1ubuntu4.17 in Ubuntu 10.04 LTS, and the php5 package before 5.3.5-1ubuntu7.10 in ...
CVE-2012-2665
- EPSS 7.01%
- Veröffentlicht 06.08.2012 18:55:01
- Zuletzt bearbeitet 16.06.2026 23:41:50
Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Do...
CVE-2012-3867
- EPSS 2.45%
- Veröffentlicht 06.08.2012 16:55:06
- Zuletzt bearbeitet 16.06.2026 23:44:02
lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it eas...
CVE-2012-3571
- EPSS 12.99%
- Veröffentlicht 25.07.2012 10:42:35
- Zuletzt bearbeitet 16.06.2026 23:43:29
ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.
CVE-2012-3954
- EPSS 4.33%
- Veröffentlicht 25.07.2012 10:42:35
- Zuletzt bearbeitet 16.06.2026 23:44:07
Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.
CVE-2012-4048
- EPSS 1.39%
- Veröffentlicht 24.07.2012 19:55:00
- Zuletzt bearbeitet 16.06.2026 23:44:19
The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon ...
CVE-2012-2751
- EPSS 3.3%
- Veröffentlicht 22.07.2012 16:55:27
- Zuletzt bearbeitet 16.06.2026 23:42:02
ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote a...
CVE-2012-0867
- EPSS 2.34%
- Veröffentlicht 18.07.2012 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:38:25
PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters...
- EPSS 2.07%
- Veröffentlicht 12.07.2012 20:55:15
- Zuletzt bearbeitet 16.06.2026 23:41:24
The default configuration of the auth/saml plugin in Mahara before 1.4.2 sets the "Match username attribute to Remote username" option to false, which allows remote SAML IdP servers to spoof users of other SAML IdP servers by using the same internal ...
CVE-2012-2143
- EPSS 5.73%
- Veröffentlicht 05.07.2012 14:55:02
- Zuletzt bearbeitet 16.06.2026 23:41:04
The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for cont...