258751
|
- |
|
belkin
|
wemo_home_automation_firmware
|
The Belkin WeMo Home Automation firmware before 3949 has a hardcoded GPG key, which makes it easier for remote attackers to spoof firmware updates and execute arbitrary code via crafted signed data.
|
CWE-310
Cryptographic Issues
|
CVE-2013-6952
|
2014-03-6 13:49 |
2014-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258752
|
- |
|
apple
|
iphone_os
|
The IOSerialFamily driver in Apple iOS before 7 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds array access) via a crafted application.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5139
|
2014-03-6 13:48 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258753
|
- |
|
apple
|
iphone_os
|
Per: http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
"Executing a malicious application may result in arbitrary
code execution within the kernel"
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5139
|
2014-03-6 13:48 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258754
|
- |
|
apple
|
mac_os_x
|
LaunchServices in Apple Mac OS X before 10.9 does not properly restrict Unicode characters in filenames, which allows context-dependent attackers to spoof file extensions via a crafted character sequ…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5178
|
2014-03-6 13:48 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258755
|
- |
|
apple
|
mac_os_x
|
App Sandbox in Apple Mac OS X before 10.9 allows attackers to bypass intended sandbox restrictions via a crafted app that uses the LaunchServices interface to specify process arguments.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5179
|
2014-03-6 13:48 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258756
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect availability via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2013-5764
|
2014-03-6 13:48 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258757
|
- |
|
qemu
|
qemu
|
Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device.
|
CWE-399
Resource Management Errors
|
CVE-2013-4377
|
2014-03-6 13:47 |
2013-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258758
|
- |
|
openstack
|
grizzly havana
|
The LDAP backend in OpenStack Identity (Keystone) Grizzly and Havana, when removing a role on a tenant for a user who does not have that role, adds the role to the user, which allows local users to g…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4477
|
2014-03-6 13:47 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258759
|
- |
|
apple
|
quicktime mac_os_x
|
QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted idsc atom in a QuickTi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1032
|
2014-03-6 13:43 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258760
|
- |
|
linux
|
linux_kernel
|
The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not properly handle problems with the generation of IPv6 temporary addresses, which allows remote attacke…
|
NVD-CWE-noinfo
|
CVE-2013-0343
|
2014-03-6 13:42 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|