|
257601
|
- |
|
duckcorp
|
bip
|
Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file descrip…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0806
|
2013-12-13 13:56 |
2012-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257602
|
- |
|
dokuwiki
|
dokuwiki
|
DokuWiki 2009-12-25c allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/tpl/i…
|
CWE-200
Information Exposure
|
CVE-2011-3727
|
2013-12-13 13:52 |
2011-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257603
|
- |
|
iain
|
gypsy
|
gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, which allows local users to read otherwise restricted files via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0523
|
2013-12-13 13:46 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257604
|
- |
|
iain
|
gypsy
|
Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 allow local users to cause a denial of service (crash) via unspecified vectors related to the sprintf function.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0524
|
2013-12-13 13:46 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257605
|
- |
|
adobe
|
shockwave_player
|
Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5334
|
2013-12-13 03:44 |
2013-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257606
|
- |
|
adobe
|
shockwave_player
|
Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5333
|
2013-12-13 03:43 |
2013-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257607
|
- |
|
siemens
|
comos
|
Siemens COMOS before 9.2.0.8.1, 10.0 before 10.0.3.1.40, and 10.1 before 10.1.0.0.2 allows local users to gain database privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6840
|
2013-12-13 02:11 |
2013-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257608
|
- |
|
siemens
|
comos
|
Per: https://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-568732.pdf
AC:M for "Mitigating factors:
The attacker must have local access to the system as authentic…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6840
|
2013-12-13 02:11 |
2013-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257609
|
- |
|
cisco
|
scientific_atlanta_dpc\/epc2100
scientific_atlanta_dpc\/epc2202
scientific_atlanta_dpc\/epc2203
scientific_atlanta_dpc\/epc2325
scientific_atlanta_dpc\/epc2425
scientific_atlanta_dpc\/…
|
Cross-site scripting (XSS) vulnerability in the web-wizard setup page on Cisco Scientific Atlanta D20 and D30 cable modems allows remote attackers to inject arbitrary web script or HTML via unspecifi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3047
|
2013-12-13 01:56 |
2013-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257610
|
- |
|
novell
|
suse_lifecycle_management_server
|
SUSE Lifecycle Management Server (SLMS) before 1.3.7 does not generate a new secret key when the service starts, which allows remote attackers to defeat intended cryptographic protection mechanisms b…
|
CWE-310
Cryptographic Issues
|
CVE-2013-3710
|
2013-12-13 00:18 |
2013-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
