|
257491
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in the Image module in Drupal 7.x before 7.24 allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the descri…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6387
|
2014-01-4 13:50 |
2013-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257492
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in the Color module in Drupal 7.x before 7.24 allows remote attackers to inject arbitrary web script or HTML via vectors related to CSS.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6388
|
2014-01-4 13:50 |
2013-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257493
|
- |
|
drupal
|
drupal
|
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.24 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2013-6389
|
2014-01-4 13:50 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257494
|
- |
|
videocharge
|
watermark_master
|
Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows remote attackers to execute arbitrary code via a long string in the name attribute of the cols element in a .wstyle file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6937
|
2014-01-4 13:50 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257495
|
- |
|
hp
|
3com_router
5500-24g-4sfp_hi_switch_with_2_interface_slots
5500-24g-poe_ei_switch
5500-24g-poe_si_switch
5500-24g-sfp_dc_ei_switch
5500-24g-sfp_ei_switch
5500-24g_dc_ei_switch
55…
|
The OSPF implementation on HP JD9##A routers; HP J4###A, J484#B, J8###A, JD3##A, JE###A, and JF55#A switches; HP 3COM routers and switches; and HP H3C routers and switches does not consider the possi…
|
NVD-CWE-noinfo
|
CVE-2013-4806
|
2014-01-4 13:49 |
2013-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257496
|
- |
|
gnupg
|
gnupg
|
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass int…
|
CWE-310
Cryptographic Issues
|
CVE-2013-4351
|
2014-01-4 13:48 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257497
|
- |
|
gnupg
canonical
|
gnupg
ubuntu_linux
|
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.
|
CWE-20
Improper Input Validation
|
CVE-2013-4402
|
2014-01-4 13:48 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257498
|
- |
|
fedoraproject
duckcorp
|
fedora
bip
|
Bip before 0.8.9, when running as a daemon, writes SSL handshake errors to an unexpected file descriptor that was previously associated with stderr before stderr has been closed, which allows remote …
|
CWE-310
Cryptographic Issues
|
CVE-2013-4550
|
2014-01-4 13:48 |
2013-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257499
|
- |
|
duckcorp
fedoraproject
|
bip
fedora
|
connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes…
|
CWE-310
Cryptographic Issues
|
CVE-2011-5268
|
2014-01-4 13:35 |
2013-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257500
|
- |
|
fatfreecrm
|
fat_free_crm
|
config/initializers/secret_token.rb in Fat Free CRM before 0.12.1 has a fixed FatFreeCRM::Application.config.secret_token value, which makes it easier for remote attackers to spoof signed cookies by …
|
CWE-310
Cryptographic Issues
|
CVE-2013-7222
|
2014-01-4 02:12 |
2014-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
