|
260651
|
- |
|
john_nunemaker
|
httparty
|
The httparty gem 0.9.0 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or ca…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1801
|
2013-04-10 13:00 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260652
|
- |
|
dan_kubb
|
extlib
|
The extlib gem 0.9.15 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cau…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1802
|
2013-04-10 13:00 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260653
|
- |
|
digineo
|
thumbshooter
|
lib/thumbshooter.rb in the Thumbshooter 0.1.5 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
|
CWE-94
Code Injection
|
CVE-2013-1898
|
2013-04-10 13:00 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260654
|
- |
|
chatelao
|
php_address_book
|
Cross-site request forgery (CSRF) vulnerability in addressbook/register/delete_user.php in PHP Address Book 8.2.5 allows remote attackers to hijack the authentication of administrators for requests t…
|
CWE-352
Origin Validation Error
|
CVE-2013-2778
|
2013-04-10 00:25 |
2013-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260655
|
- |
|
airdroid
|
airdroid
|
Cross-site scripting (XSS) vulnerability in the web interface in AirDroid allows remote attackers to inject arbitrary web script or HTML via a crafted text message that is transmitted by a managed ph…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0134
|
2013-04-10 00:22 |
2013-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260656
|
- |
|
nvidia
|
driver
|
daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the service pa…
|
NVD-CWE-Other
|
CVE-2013-0111
|
2013-04-9 23:24 |
2013-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260657
|
- |
|
nvidia
|
driver
|
nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as distributed with the NVIDIA driver before 307.78, and Release 310 before 311.00, on Windows, lacks " (double quote) characters in the …
|
NVD-CWE-Other
|
CVE-2013-0110
|
2013-04-9 23:19 |
2013-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260658
|
- |
|
nvidia
|
display_driver
|
The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not properly handle exceptions, which allows local users to gain privileges or cau…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0109
|
2013-04-9 13:00 |
2013-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260659
|
- |
|
cogentdatahub
|
cogent_datahub
opc_datahub
cascade_datahub
datahub_quicktrend
|
Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend befo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0680
|
2013-04-9 13:00 |
2013-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260660
|
- |
|
cogentdatahub
|
cogent_datahub
opc_datahub
cascade_datahub
datahub_quicktrend
|
Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0682
|
2013-04-9 13:00 |
2013-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
