261121
|
- |
|
realnetworks
|
realplayer realplayer_sp
|
Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1750
|
2013-03-21 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261122
|
- |
|
samba
|
samba
|
Samba 4.x before 4.0.4, when configured as an Active Directory domain controller, uses world-writable permissions on non-default CIFS shares, which allows remote authenticated users to read, modify, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1863
|
2013-03-21 13:00 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261123
|
- |
|
rubygems
|
command_wrap
|
command_wrap.rb in the command_wrap Gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL or filename.
|
CWE-94
Code Injection
|
CVE-2013-1875
|
2013-03-21 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261124
|
- |
|
tibco
|
spotfire_web_player
|
Cross-site scripting (XSS) vulnerability in the Engine in TIBCO Spotfire Web Player 3.3.x before 3.3.3, 4.0.x before 4.0.3, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to injec…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2372
|
2013-03-21 13:00 |
2013-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261125
|
- |
|
rubygems
|
fastreader
|
lib/entry_controller.rb in the fastreader Gem 1.0.8 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
|
CWE-94
Code Injection
|
CVE-2013-2615
|
2013-03-21 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261126
|
- |
|
foscam
|
fi8919w
|
Directory traversal vulnerability in the web interface on Foscam devices with firmware before 11.37.2.49 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI, as demonstrated…
|
CWE-22
Path Traversal
|
CVE-2013-2560
|
2013-03-20 13:00 |
2013-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261127
|
- |
|
apache
|
qpid
|
The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the clien…
|
CWE-189
Numeric Errors
|
CVE-2012-4458
|
2013-03-20 01:49 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261128
|
- |
|
freeradius
|
freeradius
|
modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenti…
|
CWE-255
Credentials Management
|
CVE-2011-4966
|
2013-03-19 21:35 |
2013-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261129
|
- |
|
ganglia
|
ganglia-web
|
Multiple cross-site scripting (XSS) vulnerabilities in Ganglia Web before 3.5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0275
|
2013-03-19 13:00 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261130
|
- |
|
fedoraproject
|
389_directory_server
|
389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via a zero length LDAP control sequence.
|
CWE-189
Numeric Errors
|
CVE-2013-0312
|
2013-03-19 13:00 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|