258731
|
- |
|
openstack
|
swift
|
The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timin…
|
CWE-200
Information Exposure
|
CVE-2014-0006
|
2014-03-8 14:12 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258732
|
- |
|
openstack
|
havana
|
Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 does not validate the instance ID of the tenant making a request, which allows remote tenants to obtain sensitive…
|
CWE-200
Information Exposure
|
CVE-2013-6419
|
2014-03-8 14:11 |
2014-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258733
|
- |
|
pidgin
|
pidgin
|
Integer signedness error in the MXit functionality in Pidgin before 2.10.8 allows remote attackers to cause a denial of service (segmentation fault) via a crafted emoticon value, which triggers an in…
|
CWE-189
Numeric Errors
|
CVE-2013-6489
|
2014-03-8 14:11 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258734
|
- |
|
pidgin
|
pidgin
|
The SIMPLE protocol functionality in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a negative Content-Length header, which triggers a buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6490
|
2014-03-8 14:11 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258735
|
- |
|
jgroups redhat
|
jgroup jboss_enterprise_application_platform
|
The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code b…
|
CWE-200
Information Exposure
|
CVE-2013-4112
|
2014-03-8 14:09 |
2013-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258736
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
PicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users to obtain the admin encryption key by reading the Vault data file.
|
CWE-310
Cryptographic Issues
|
CVE-2013-1921
|
2014-03-8 14:05 |
2013-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258737
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in Drupal 6.x before 6.28 and 7.x before 7.19, when running with older versions of jQuery that are vulnerable to CVE-2011-4969, allows remote attackers to inj…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0244
|
2014-03-8 14:02 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258738
|
- |
|
apache
|
solr
|
The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaratio…
|
NVD-CWE-noinfo
|
CVE-2012-6612
|
2014-03-8 14:02 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258739
|
- |
|
christos_zoulas tim_robbins
|
file libmagic
|
file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid po…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1571
|
2014-03-8 13:55 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258740
|
- |
|
drupal
|
drupal
|
Drupal 6.x before 6.23 and 7.x before 7.11 does not verify that Attribute Exchange (AX) information is signed, which allows remote attackers to modify potentially sensitive AX information without det…
|
CWE-200
Information Exposure
|
CVE-2012-0825
|
2014-03-8 13:54 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|