CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-1615
https://notcve.org/view.php?id=CVE-2012-1615
A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file. Se presenta una vulnerabilidad de Escalada de Privilegios en Fedoraproject Sectool debido a un archivo DBus incorrecto. • http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076873.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081113.html http://www.openwall.com/lists/oss-security/2012/04/04/2 http://www.securityfocus.com/bid/52884 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1615 https://exchange.xforce.ibmcloud.com/vulnerabilities/74655 • CWE-269: Improper Privilege Management •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2012-1115
https://notcve.org/view.php?id=CVE-2012-1115
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php. Se presenta una vulnerabilidad de tipo Cross-Site Scripting (XSS) en LDAP Account Manager (LAM) Pro versión 3.6, en los parámetros export, add_value_form y dn en el archivo cmd.php. • http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089297.html http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089313.html http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089328.html http://www.openwall.com/lists/oss-security/2012/03/05/24 http://www.openwall.com/lists/oss-security/2012/03/12/1 http://www.openwall.com/lists/oss-security/2012/03/12/10 http://www.securityfocus.com/bid/52255 https://bugzilla.redhat.com&#x • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2012-1114
https://notcve.org/view.php?id=CVE-2012-1114
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php. Se presenta una vulnerabilidad de tipo Cross-Site Scripting (XSS) en LDAP Account Manager (LAM) Pro versión 3.6, en el parámetro filter en el archivo cmd.php en una acción export y exporter_id y el parámetro filteruid en el archivo list.php. • http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089297.html http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089313.html http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089328.html http://www.openwall.com/lists/oss-security/2012/03/05/24 http://www.openwall.com/lists/oss-security/2012/03/12/1 http://www.openwall.com/lists/oss-security/2012/03/12/10 http://www.securityfocus.com/bid/52255 https://bugzilla.redhat.com&#x • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2012-1105
https://notcve.org/view.php?id=CVE-2012-1105
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner. Se presenta una vulnerabilidad de Divulgación de Información en el paquete Jasig Project php-pear-CAS versión 1.2.2 en el directorio /tmp. La biblioteca del cliente Central Authentication Service guarda el archivo de registro de depuración de manera no segura. • http://www.openwall.com/lists/oss-security/2012/03/05/7 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1105 https://gitlab.vsb.cz/kal0178/sixmon/blob/b18bcde090dc38fc968a0b1e38d1dab08b8c369e/web/lib/CAS/CAS-1.3.5/docs/ChangeLog https://security-tracker.debian.org/tracker/CVE-2012-1105 https://www.securityfocus.com/bid/52280 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 8EXPL: 0CVE-2013-4235
https://notcve.org/view.php?id=CVE-2013-4235
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees shadow: condición de carrera TOCTOU (de tiempo de comprobación y tiempo de uso) cuando se copia y elimina árboles de directorio. • https://access.redhat.com/security/cve/cve-2013-4235 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://security-tracker.debian.org/tracker/CVE-2013-4235 https://security.gentoo.org/glsa/202210-26 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •