|
258721
|
- |
|
drupal
|
drupal
|
Drupal 6.x before 6.23 and 7.x before 7.11 does not verify that Attribute Exchange (AX) information is signed, which allows remote attackers to modify potentially sensitive AX information without det…
|
CWE-200
Information Exposure
|
CVE-2012-0825
|
2014-03-8 13:54 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258722
|
- |
|
drupal
|
drupal
|
Cross-site request forgery (CSRF) vulnerability in the Aggregator module in Drupal 6.x before 6.23 and 7.x before 7.11 allows remote attackers to hijack the authentication of unspecified victims for …
|
CWE-352
Origin Validation Error
|
CVE-2012-0826
|
2014-03-8 13:54 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258723
|
- |
|
robert_ancell
|
lightdm
|
LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on ~/.Xauthority.
|
CWE-59
Link Following
|
CVE-2011-4105
|
2014-03-8 13:51 |
2012-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258724
|
- |
|
ecryptfs
|
ecryptfs-utils
ecryptfs_utils
|
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and con…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1831
|
2014-03-8 13:47 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258725
|
- |
|
ecryptfs
|
ecryptfs-utils
ecryptfs_utils
|
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1832
|
2014-03-8 13:47 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258726
|
- |
|
ecryptfs
|
ecryptfs-utils
ecryptfs_utils
|
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1834
|
2014-03-8 13:47 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258727
|
- |
|
ecryptfs
|
ecryptfs-utils
ecryptfs_utils
|
The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users t…
|
CWE-255
Credentials Management
|
CVE-2011-1835
|
2014-03-8 13:47 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258728
|
- |
|
ecryptfs
|
ecryptfs-utils
ecryptfs_utils
|
utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard f…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1836
|
2014-03-8 13:47 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258729
|
- |
|
ecryptfs
|
ecryptfs-utils
ecryptfs_utils
|
The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1837
|
2014-03-8 13:47 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258730
|
- |
|
posh_project
|
posh
|
SQL injection vulnerability in portal/addtoapplication.php in POSH (aka Posh portal or Portaneo) 3.0 before 3.3.0 allows remote attackers to execute arbitrary SQL commands via the rssurl parameter.
|
CWE-89
SQL Injection
|
CVE-2014-2211
|
2014-03-8 05:32 |
2014-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
