258981
|
- |
|
ruby-lang
|
ruby
|
Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4466
|
2014-02-12 13:39 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258982
|
- |
|
nicolas_cannasse
|
ocaml_xml-light_library
|
OCaml Xml-Light Library before r234 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service …
|
CWE-310
Cryptographic Issues
|
CVE-2012-3514
|
2014-02-12 13:38 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258983
|
- |
|
andy_armstrong
|
cgi.pm
|
Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists…
|
NVD-CWE-noinfo
|
CVE-2010-4411
|
2014-02-12 13:24 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258984
|
- |
|
apache
|
wicket
|
Unspecified vulnerability in Apache Wicket 1.4.x before 1.4.23, 1.5.x before 1.5.11, and 6.x before 6.8.0 allows remote attackers to obtain sensitive information via vectors that cause raw HTML templ…
|
NVD-CWE-noinfo
|
CVE-2013-2055
|
2014-02-12 05:14 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258985
|
- |
|
x xkeyboard_config_project
|
x.org_x11 xkeyboard-config
|
xkeyboard-config before 2.5 in X.Org before 7.6 enables certain XKB debugging functions by default, which allows physically proximate attackers to bypass an X screen lock via keyboard combinations th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0064
|
2014-02-12 04:56 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258986
|
- |
|
symantec
|
web_gateway
|
Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.2 allow remote authenticated users to execute arbitrary SQL commands via unspecif…
|
CWE-89
SQL Injection
|
CVE-2013-5012
|
2014-02-12 00:22 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258987
|
- |
|
schneider-electric
|
telvent_sage_3030_firmware
|
The Schneider Electric Telvent SAGE 3030 RTU with firmware C3413-500-001D3_P4 and C3413-500-001F0_PB allows remote attackers to cause a denial of service (temporary outage and CPU consumption) via ma…
|
CWE-399 CWE-20
Resource Management Errors Improper Input Validation
|
CVE-2013-6143
|
2014-02-11 05:06 |
2014-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258988
|
- |
|
schneider-electric
|
telvent_sage_3030_firmware
|
Vendor advisory:
https://infrastructurecommunity.schneider-electric.com/servlet/JiveServlet/downloadBody/2966-102-1-4299/SAGE%20RTU%20DNP%20Security%20Bulletin%20123013%200102.pdf
|
CWE-399 CWE-20
Resource Management Errors Improper Input Validation
|
CVE-2013-6143
|
2014-02-11 05:06 |
2014-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258989
|
- |
|
ubuntu_developers
|
obby
|
obby (aka libobby) does not verify SSL server certificates, which allows remote attackers to spoof servers via an arbitrary certificate.
|
CWE-20
Improper Input Validation
|
CVE-2011-4092
|
2014-02-11 04:45 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258990
|
- |
|
perl
|
perl
|
The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (ass…
|
CWE-20
Improper Input Validation
|
CVE-2010-4777
|
2014-02-11 03:39 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|