CVE-2012-6088 CVE-2012-5875 CVE-2012-5656 CVE-2012-5531 CVE-2012-2124
Summary: The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 does not return an error code in certain situations involving an "unparseable signature," which allows remote attackers to bypass RPM signature checks via a crafted package.
Published: 01/18/2013
CVSS Severity: 4.3 (MEDIUM)
Summary: Firefly Media Server 1.0.0.1359 allows remote attackers to cause a denial of service (NULL pointer dereference) via a (1) crafted Connection HTTP header; a return carriage control character in the (2) Accept Language header, (3) User-agent header, (4) Host header, or (5) protocol version; or a (6) crafted HTTP protocol version.
Published: 01/18/2013
CVSS Severity: 5.0 (MEDIUM)
Summary: The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in an SVG file, aka an XML external entity (XXE) injection attack.
Published: 01/18/2013
CVSS Severity: 2.1 (LOW)
Summary: Multiple cross-site scripting (XSS) vulnerabilities in the GateIn Portal in JBoss Enterprise Portal Platform 5.2.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Published: 01/18/2013
CVSS Severity: 4.3 (MEDIUM)
Summary: functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preference files. NOTE: this issue exists because of an incorrect fix for CVE-2010-2813.
Published: 01/18/2013
CVSS Severity: 5.0 (MEDIUM)