|
257611
|
- |
|
e107
|
e107
|
Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the query string.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2750
|
2014-01-24 01:21 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257612
|
- |
|
littlecms
|
little_cms_color_engine
|
Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) c…
|
NVD-CWE-Other
|
CVE-2013-4160
|
2014-01-23 07:42 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257613
|
- |
|
littlecms
|
little_cms_color_engine
|
Per: http://cwe.mitre.org/data/definitions/476.html "CWE-476: NULL Pointer Dereference"
|
NVD-CWE-Other
|
CVE-2013-4160
|
2014-01-23 07:42 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257614
|
- |
|
simon_mcvittie
|
telepathy_gabble
|
A certain hashing algorithm in Telepathy Gabble 0.16.x before 0.16.5 and 0.17.x before 0.17.3 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted m…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1769
|
2014-01-23 05:50 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257615
|
- |
|
kernel
|
util-linux
|
(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line …
|
CWE-200
Information Exposure
|
CVE-2013-0157
|
2014-01-23 05:26 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257616
|
- |
|
seagate
|
blackarmor_nas_220_firmware
blackarmor_nas_220
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrato…
|
CWE-352
Origin Validation Error
|
CVE-2013-6922
|
2014-01-23 04:49 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257617
|
- |
|
hexagon
|
erdas_er_viewer
|
Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of s…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3482
|
2014-01-22 06:14 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257618
|
- |
|
hexagon
|
erdas_er_viewer
|
Stack-based buffer overflow in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3483
|
2014-01-22 06:12 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257619
|
- |
|
libimobiledevice
|
libimobiledevice
|
userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.…
|
CWE-59
Link Following
|
CVE-2013-2142
|
2014-01-22 05:54 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257620
|
- |
|
wordpress
|
wordpress
|
wp-admin/press-this.php in WordPress before 3.0.6 does not enforce the publish_posts capability requirement, which allows remote authenticated users to perform publish actions by leveraging the Contr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5270
|
2014-01-22 02:31 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
