258751
|
- |
|
google
|
chrome
|
Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unsp…
|
CWE-399
Resource Management Errors
|
CVE-2013-6658
|
2014-04-1 15:26 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258752
|
- |
|
google
|
chrome
|
The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during ren…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6659
|
2014-04-1 15:26 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258753
|
- |
|
google
|
chrome
|
The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathna…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6660
|
2014-04-1 15:26 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258754
|
- |
|
google
|
chrome
|
Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknow…
|
NVD-CWE-noinfo
|
CVE-2013-6661
|
2014-04-1 15:26 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258755
|
- |
|
apache ibm
|
geronimo websphere_application_server
|
The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI…
|
CWE-94
Code Injection
|
CVE-2013-1777
|
2014-04-1 15:19 |
2013-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258756
|
- |
|
gnu
|
gnutls
|
GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restric…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5138
|
2014-04-1 14:44 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258757
|
- |
|
chainfire
|
supersu
|
The Chainfire SuperSU package before 1.69 for Android allows attackers to gain privileges via the (1) backtick or (2) $() type of shell metacharacters in the -c option to /system/xbin/su.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6775
|
2014-04-1 04:08 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258758
|
- |
|
koushik_dutta
|
superuser
|
The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android allows attackers to gain privileges via shell metacharacters in the -c option to /system/xbin/su.
|
CWE-20
Improper Input Validation
|
CVE-2013-6769
|
2014-04-1 04:01 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258759
|
- |
|
koushik_dutta
|
superuser
|
Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier allows attackers to trigger the launch of a Trojan horse app_process …
|
CWE-22
Path Traversal
|
CVE-2013-6768
|
2014-04-1 03:59 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258760
|
- |
|
redhat
|
conga enterprise_linux
|
Luci in Red Hat Conga does not properly enforce the user session timeout, which might allow attackers to gain access to the session by reading the __ac session cookie. NOTE: this issue has been SPLI…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7347
|
2014-04-1 03:23 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|