Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-07-20 | CVE-2012-3008 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Osisoft PI OPC DA Interface 2.3.16.16/2.3.17.18 Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associated with OPC items. | 8.5 |
2012-07-20 | CVE-2012-2955 | Cross-Site Scripting vulnerability in IBM products Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in IBM Lotus Protector for Mail Security 2.1, 2.5, 2.5.1, and 2.8 and IBM ISS Proventia Network Mail Security System allow remote attackers to inject arbitrary web script or HTML via the query string. | 4.3 |
2012-07-20 | CVE-2012-2688 | Buffer Overflow vulnerability in PHP '_php_stream_scandir()' Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow." | 10.0 |
2012-07-20 | CVE-2011-4590 | Improper Authentication vulnerability in Moodle The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly consider the maintenance-mode state and account attributes during login attempts, which allows remote authenticated users to bypass intended access restrictions by connecting to a webservice server. | 4.0 |
2012-07-20 | CVE-2011-4589 | Permissions, Privileges, and Access Controls vulnerability in Moodle backup/moodle2/restore_stepslib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not check for the moodle/course:changeidnumber privilege during handling of course ID numbers, which allows remote authenticated users to overwrite ID numbers via a restore action. | 5.5 |
2012-07-20 | CVE-2011-4583 | Permissions, Privileges, and Access Controls vulnerability in Moodle Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service tokens associated with (1) disabled services and (2) users who no longer have authorization, which allows remote authenticated users to have an unspecified impact by reading these tokens. | 6.5 |
2012-07-20 | CVE-2011-4582 | Improper Input Validation vulnerability in Moodle 2.1.0/2.1.1/2.1.2 Open redirect vulnerability in the Calendar set page in Moodle 2.1.x before 2.1.3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a redirection URL. | 4.9 |
2012-07-19 | CVE-2012-4025 | Integer Overflow OR Wraparound vulnerability in Squashfs Project Squashfs Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted block_log field in the superblock of a .sqsh file, leading to a heap-based buffer overflow. | 6.8 |
2012-07-19 | CVE-2012-4024 | Out-Of-Bounds Write vulnerability in Squashfs Project Squashfs Stack-based buffer overflow in the get_component function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file (aka a crafted file for the -ef option). | 6.8 |
2012-07-19 | CVE-2012-2974 | Improper Authentication vulnerability in SMC Smc8024L2 Switch The web interface on the SMC SMC8024L2 switch allows remote attackers to bypass authentication and obtain administrative access via a direct request to a .html file under (1) status/, (2) system/, (3) ports/, (4) trunks/, (5) vlans/, (6) qos/, (7) rstp/, (8) dot1x/, (9) security/, (10) igmps/, or (11) snmp/. | 10.0 |