258711
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in Drupal 6.x before 6.28 and 7.x before 7.19, when running with older versions of jQuery that are vulnerable to CVE-2011-4969, allows remote attackers to inj…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0244
|
2014-03-8 14:02 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258712
|
- |
|
apache
|
solr
|
The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaratio…
|
NVD-CWE-noinfo
|
CVE-2012-6612
|
2014-03-8 14:02 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258713
|
- |
|
christos_zoulas tim_robbins
|
file libmagic
|
file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid po…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1571
|
2014-03-8 13:55 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258714
|
- |
|
drupal
|
drupal
|
Drupal 6.x before 6.23 and 7.x before 7.11 does not verify that Attribute Exchange (AX) information is signed, which allows remote attackers to modify potentially sensitive AX information without det…
|
CWE-200
Information Exposure
|
CVE-2012-0825
|
2014-03-8 13:54 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258715
|
- |
|
drupal
|
drupal
|
Cross-site request forgery (CSRF) vulnerability in the Aggregator module in Drupal 6.x before 6.23 and 7.x before 7.11 allows remote attackers to hijack the authentication of unspecified victims for …
|
CWE-352
Origin Validation Error
|
CVE-2012-0826
|
2014-03-8 13:54 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258716
|
- |
|
robert_ancell
|
lightdm
|
LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority.
|
CWE-59
Link Following
|
CVE-2011-4105
|
2014-03-8 13:51 |
2012-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258717
|
- |
|
ecryptfs
|
ecryptfs-utils ecryptfs_utils
|
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and con…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1831
|
2014-03-8 13:47 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258718
|
- |
|
ecryptfs
|
ecryptfs-utils ecryptfs_utils
|
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1832
|
2014-03-8 13:47 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258719
|
- |
|
ecryptfs
|
ecryptfs-utils ecryptfs_utils
|
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1834
|
2014-03-8 13:47 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258720
|
- |
|
ecryptfs
|
ecryptfs-utils ecryptfs_utils
|
The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users t…
|
CWE-255
Credentials Management
|
CVE-2011-1835
|
2014-03-8 13:47 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|