258701
|
- |
|
owncloud
|
owncloud
|
SQL injection vulnerability in lib/bookmarks.php in ownCloud Server 4.5.x before 4.5.11 and 5.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vector…
|
CWE-89
SQL Injection
|
CVE-2013-2046
|
2014-03-10 23:15 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258702
|
- |
|
owncloud
|
owncloud
|
SQL injection vulnerability in lib/db.php in ownCloud Server 5.0.x before 5.0.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-2045
|
2014-03-10 23:12 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258703
|
- |
|
openstack
|
image_registry_and_delivery_service_\(glance\)
|
OpenStack Image Registry and Delivery Service (Glance) 2013.2 through 2013.2.1 and Icehouse before icehouse-2 logs a URL containing the Swift store backend password when authentication fails and WARN…
|
CWE-255
Credentials Management
|
CVE-2014-1948
|
2014-03-8 14:13 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258704
|
- |
|
php
|
php
|
ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric …
|
CWE-189
Numeric Errors
|
CVE-2014-2020
|
2014-03-8 14:13 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258705
|
- |
|
openstack
|
swift
|
The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timin…
|
CWE-200
Information Exposure
|
CVE-2014-0006
|
2014-03-8 14:12 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258706
|
- |
|
openstack
|
havana
|
Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 does not validate the instance ID of the tenant making a request, which allows remote tenants to obtain sensitive…
|
CWE-200
Information Exposure
|
CVE-2013-6419
|
2014-03-8 14:11 |
2014-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258707
|
- |
|
pidgin
|
pidgin
|
Integer signedness error in the MXit functionality in Pidgin before 2.10.8 allows remote attackers to cause a denial of service (segmentation fault) via a crafted emoticon value, which triggers an in…
|
CWE-189
Numeric Errors
|
CVE-2013-6489
|
2014-03-8 14:11 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258708
|
- |
|
pidgin
|
pidgin
|
The SIMPLE protocol functionality in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a negative Content-Length header, which triggers a buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6490
|
2014-03-8 14:11 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258709
|
- |
|
jgroups redhat
|
jgroup jboss_enterprise_application_platform
|
The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code b…
|
CWE-200
Information Exposure
|
CVE-2013-4112
|
2014-03-8 14:09 |
2013-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258710
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
PicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users to obtain the admin encryption key by reading the Vault data file.
|
CWE-310
Cryptographic Issues
|
CVE-2013-1921
|
2014-03-8 14:05 |
2013-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|