|
257501
|
- |
|
extended_module_player_project
|
extended_module_player
|
Buffer overflow in the get_dsmp function in loaders/masi_load.c in libxmp before 4.1.0 allows remote attackers to execute arbitrary code via a crafted MASI file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1980
|
2014-02-12 23:09 |
2014-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257502
|
- |
|
i-doit
|
i-doit
|
Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote …
|
CWE-79
Cross-site Scripting
|
CVE-2013-1413
|
2014-02-12 22:55 |
2014-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257503
|
- |
|
fortinet
|
fortios
|
Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0.5 allows remote attackers to inject arbitrary web script or HTML via the mkey parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7182
|
2014-02-12 13:50 |
2014-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257504
|
- |
|
torproject
|
tor
|
Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) rel…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7295
|
2014-02-12 13:50 |
2014-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257505
|
- |
|
ruby-lang
|
ruby
|
Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4466
|
2014-02-12 13:39 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257506
|
- |
|
nicolas_cannasse
|
ocaml_xml-light_library
|
OCaml Xml-Light Library before r234 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service …
|
CWE-310
Cryptographic Issues
|
CVE-2012-3514
|
2014-02-12 13:38 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257507
|
- |
|
andy_armstrong
|
cgi.pm
|
Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists…
|
NVD-CWE-noinfo
|
CVE-2010-4411
|
2014-02-12 13:24 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257508
|
- |
|
apache
|
wicket
|
Unspecified vulnerability in Apache Wicket 1.4.x before 1.4.23, 1.5.x before 1.5.11, and 6.x before 6.8.0 allows remote attackers to obtain sensitive information via vectors that cause raw HTML templ…
|
NVD-CWE-noinfo
|
CVE-2013-2055
|
2014-02-12 05:14 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257509
|
- |
|
x
xkeyboard_config_project
|
x.org_x11
xkeyboard-config
|
xkeyboard-config before 2.5 in X.Org before 7.6 enables certain XKB debugging functions by default, which allows physically proximate attackers to bypass an X screen lock via keyboard combinations th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0064
|
2014-02-12 04:56 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257510
|
- |
|
symantec
|
web_gateway
|
Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.2 allow remote authenticated users to execute arbitrary SQL commands via unspecif…
|
CWE-89
SQL Injection
|
CVE-2013-5012
|
2014-02-12 00:22 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
