|
257551
|
- |
|
lexmark
|
c52x
c53x
c920
c935dn
e250
e350
e450
t64x
w840
|
Multiple cross-site scripting (XSS) vulnerabilities on Lexmark W840 through LS.HA.P252, T64x before LS.ST.P344, C935dn through LC.JO.P091, C920 through LS.TA.P152, C53x through LS.SW.P069, C52x throu…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6033
|
2014-02-5 00:37 |
2014-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257552
|
- |
|
lexmark
|
25xxn
c52x
c53x
c77x
c78x
c920
c935dn
e250
e350
e450
n4000
n4050e
n70xxe
t64x
w840
x642
x644
x646
x64xef
x772
x78x
x85x
x94x
|
cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and X646 before LC2.MC.P374, X642 through LC2.MB.P318, W840 through LS.HA.P252, T64…
|
CWE-20
Improper Input Validation
|
CVE-2013-6032
|
2014-02-5 00:29 |
2014-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257553
|
- |
|
craig_drummond
|
cantata
|
Cantata before 1.2.2 does not restrict access to files in the play queue, which allows remote attackers to obtain sensitive information by reading the songs in the queue.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7301
|
2014-02-4 03:44 |
2014-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257554
|
- |
|
robert_ancell
|
lightdm
|
Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensit…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4331
|
2014-02-4 03:22 |
2014-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257555
|
- |
|
enghouseinteractive
|
ivr_pro
|
An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse Interactive IVR Pro (VIP2000) 9.0.3 (rel903), when using OpenVZ and fallback customization, uses the same SSH pri…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6838
|
2014-01-31 15:07 |
2014-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257556
|
- |
|
justsystems
|
sanshiro
|
Unspecified vulnerability in JustSystems Sanshiro 2007 before update 3, 2008 before update 5, 2009 before update 6, and 2010 before update 6, and Sanshiro Viewer before 2.0.2.0, allows remote attacke…
|
NVD-CWE-noinfo
|
CVE-2014-0810
|
2014-01-30 03:39 |
2014-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257557
|
- |
|
eviware
smartbear
|
soapui
|
The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file.
|
CWE-94
Code Injection
|
CVE-2014-1202
|
2014-01-28 13:57 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257558
|
- |
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.6, 11.1.1.7, and 11.1.2.1 allows remote attackers to affect confidentiality, integrity, and avai…
|
NVD-CWE-noinfo
|
CVE-2013-5785
|
2014-01-28 13:56 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257559
|
- |
|
oracle
|
fusion_middleware
|
Per: http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
"Please refer to Doc ID My Oracle Support Note 1608683.1 for instructions on how to address this issue."
|
NVD-CWE-noinfo
|
CVE-2013-5785
|
2014-01-28 13:56 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257560
|
- |
|
oracle
|
supply_chain_products_suite
supply_chain_products_suite_sql-server
|
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, 12.2.2, and 12.2.3 allows remote attackers…
|
NVD-CWE-noinfo
|
CVE-2013-5795
|
2014-01-28 13:56 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
