Skip to main content
CVE-2012-0845 MEDIUM POC PATCH This Month

SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Python Denial Of Service
NVD
CVSS 2.0
5.0
EPSS
2.8%
CVE-2012-1150 MEDIUM POC PATCH This Month

Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Python Denial Of Service
NVD
CVSS 2.0
5.0
EPSS
1.7%
CVE-2012-4897 MEDIUM This Month

Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory. Rated medium severity (CVSS 6.9). No vendor patch available.

VMware Information Disclosure Movie Decoder
NVD
CVSS 2.0
6.9
EPSS
0.2%
CVE-2012-4443 MEDIUM This Month

Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of root during execution of CGI scripts, which might allow local users to gain privileges by leveraging cgi-bin write access. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Monkey
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2012-5303 MEDIUM This Month

Monkey HTTP Daemon 0.9.3 might allow local users to overwrite arbitrary files via a symlink attack on a PID file, as demonstrated by a pathname different from the default /var/run/monkey.pid pathname. Rated medium severity (CVSS 6.9). No vendor patch available.

Information Disclosure Monkey
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2012-5051 MEDIUM This Month

Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows remote attackers to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Path Traversal Capacityiq
NVD
CVSS 2.0
5.0
EPSS
0.1%
CVE-2012-4442 MEDIUM This Month

Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the root account during operations with a non-root effective UID, which might allow local users to bypass intended file-read. Rated medium severity (CVSS 4.7). No vendor patch available.

Privilege Escalation Monkey
NVD
CVSS 2.0
4.7
EPSS
0.1%
CVE-2012-5050 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the server in VMware vCenter Operations (aka vCOps) before 5.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

VMware XSS Vcenter Operations
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-4018 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Final Beta Laboratory MyWebSearch before 1.23 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Mywebsearch
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy