Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

opensuse opensuse 12.2 vulnerabilities and exploits

(subscribe to this query)

5
CVSSv2
CVE-2012-5568
Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris....
Apache TomcatOpensuse Opensuse 11.4Opensuse Opensuse 12.1Opensuse Opensuse 12.2
4.3
CVSSv2
CVE-2009-5031
ModSecurity before 2.5.11 treats request parameter values containing single quotes as files, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks via a single quote in a request parameter in the...
Trustwave ModsecurityOpensuse Opensuse 11.4Opensuse Opensuse 12.2Opensuse Opensuse 12.3
5
CVSSv2
CVE-2013-2765
The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header....
Modsecurity ModsecurityOpensuse Opensuse 11.4Opensuse Opensuse 12.2Opensuse Opensuse 12.3
5
CVSSv2
CVE-2012-4528
The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data....
Trustwave ModsecurityOpensuse Opensuse 11.4Opensuse Opensuse 12.2Opensuse Opensuse 12.3Fedoraproject Fedora 18
2.1
CVSSv2
CVE-2013-2190
The translate_hierarchy_event function in x11/clutter-device-manager-xi2.c in Clutter, when resuming the system, does not properly handle XIQueryDevice errors when a device has "disappeared," which causes the gnome-shell to crash and allows physically proximate...
Clutter Project Clutter -Opensuse Opensuse 12.2Opensuse Opensuse 12.3
2.1
CVSSv2
CVE-2013-0222
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function....
Gnu CoreutilsOpensuse Opensuse 11.4Opensuse Opensuse 12.1Opensuse Opensuse 12.2Redhat Enterprise Linux 6.0
4.3
CVSSv2
CVE-2013-0221
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the...
Redhat Enterprise Linux 6.0Opensuse Opensuse 12.1Opensuse Opensuse 12.2Gnu Coreutils
4.3
CVSSv2
CVE-2013-1418
The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request....
Mit Kerberos 5Debian Debian Linux 7.0Opensuse Opensuse 11.4Opensuse Opensuse 12.2Opensuse Opensuse 12.3Opensuse Opensuse 13.1
1.9
CVSSv2
CVE-2013-0223
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join command, when using the -i switch, which triggers a stack-based buffer overflow in the alloca function....
Opensuse Opensuse 11.4Opensuse Opensuse 12.1Opensuse Opensuse 12.2Redhat Enterprise Linux 6.0Gnu Coreutils
4.3
CVSSv2
CVE-2013-2637
A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code....
Otrs FaqOtrs Otrs ItsmOpensuse Opensuse 12.2Opensuse Opensuse 12.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-24069remote code executionmass assignmentCVE-2021-1782CVE-2021-23962CVE-2021-24081cross-site scriptingCVE-2021-21973CVE-2021-23972