|
260171
|
- |
|
corel
|
pdf_fusion
|
Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS f…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0742
|
2013-10-7 22:35 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260172
|
- |
|
apple
|
mac_os_x
|
Directory Services in Apple Mac OS X before 10.8.5 Supplemental Update allows local users to bypass password-based authentication and modify arbitrary Directory Services records via unspecified vecto…
|
CWE-287
Improper Authentication
|
CVE-2013-5163
|
2013-10-7 22:06 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260173
|
- |
|
apple
|
mac_os_x
|
per http://lists.apple.com/archives/security-announce/2013/Oct/msg00000.html version 10.8.5 is vulnerable.
|
CWE-287
Improper Authentication
|
CVE-2013-5163
|
2013-10-7 22:06 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260174
|
- |
|
martin_pitt
canonical
|
jockey
ubuntu_linux
|
backend.py in Jockey before 0.9.7-0ubuntu7.11 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a Po…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1065
|
2013-10-5 01:59 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260175
|
- |
|
canonical
evan_dandrea
|
ubuntu_linux
usb-creator
|
usb-creator 0.2.47 before 0.2.47.1, 0.2.40 before 0.2.40ubuntu2, and 0.2.38 before 0.2.38.2 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1063
|
2013-10-5 01:58 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260176
|
- |
|
tp-link
|
tl-sc3130
tl-sc3130g
tl-sc3171
tl-sc3171g
lm_firmware
|
The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6, does not properly restrict access to certain administrative fun…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3688
|
2013-10-5 01:43 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260177
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite before 7.2.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) content with the text/xml MIM…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5690
|
2013-10-5 01:41 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260178
|
- |
|
corel
|
pdf_fusion
|
Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a director…
|
NVD-CWE-Other
|
CVE-2013-3248
|
2013-10-5 01:37 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260179
|
- |
|
corel
|
pdf_fusion
|
Per: http://cwe.mitre.org/data/definitions/426.html
'CWE-426 Untrusted Search Path'
|
NVD-CWE-Other
|
CVE-2013-3248
|
2013-10-5 01:37 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260180
|
- |
|
apache
|
roller
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the admin/editor console in Apache Roller before 5.0.1 allow remote attackers to hijack the authentication of admins or editors by levera…
|
CWE-352
Origin Validation Error
|
CVE-2012-2380
|
2013-10-5 00:11 |
2012-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
