|
257621
|
- |
|
jean-paul_calderone
canonical
|
pyopenssl
ubuntu_linux
|
The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle a…
|
CWE-20
Improper Input Validation
|
CVE-2013-4314
|
2013-12-8 15:00 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257622
|
- |
|
jamroom
|
search_module
|
Cross-site scripting (XSS) vulnerability in the Search module before 1.1.1 for Jamroom allows remote attackers to inject arbitrary web script or HTML via the search_string parameter to search/results…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6804
|
2013-12-7 03:33 |
2013-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257623
|
- |
|
boost
|
boost
|
boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input vali…
|
CWE-20
Improper Input Validation
|
CVE-2013-0252
|
2013-12-5 14:22 |
2013-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257624
|
- |
|
fail2ban
|
fail2ban
|
server/action.py in Fail2ban before 0.8.8 does not properly handle the content of the matches tag, which might allow remote attackers to trigger unsafe behavior in a custom action file via unspecifie…
|
NVD-CWE-noinfo
|
CVE-2012-5642
|
2013-12-5 14:20 |
2012-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257625
|
- |
|
cups-pk-helper_project
|
cups-pk-helper
|
cups-pk-helper before 0.2.3 does not properly wrap the (1) cupsGetFile and (2) cupsPutFile function calls, which allows user-assisted remote attackers to read or overwrite sensitive files using CUPS …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4510
|
2013-12-5 14:17 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257626
|
- |
|
gnome
|
gnome-keyring
|
GNOME gnome-keyring 3.4.0 through 3.4.1, when gpg-cache-method is set to "idle" or "timeout," does not properly limit the amount of time a passphrase is cached, which allows attackers to have an unsp…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3466
|
2013-12-5 14:15 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257627
|
- |
|
novell
|
suse_linux_enterprise_for_sap_applications
|
Race condition in sap_suse_cluster_connector before 1.0.0-0.8.1 in SUSE Linux Enterprise for SAP Applications 11 SP2 allows local users to have an unspecified impact via vectors related to a tmp/ dir…
|
CWE-362
Race Condition
|
CVE-2012-0426
|
2013-12-3 09:37 |
2013-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257628
|
- |
|
opensuse
|
zypper
|
zypp-refresh-wrapper in SUSE Zypper before 1.3.20 and 1.6.x before 1.6.166 allows local users to create files in arbitrary directories, or possibly have unspecified other impact, via a pathname in th…
|
NVD-CWE-noinfo
|
CVE-2012-0420
|
2013-12-3 09:03 |
2013-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257629
|
- |
|
checkpoint
|
endpoint_security
|
Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attac…
|
CWE-255
Credentials Management
|
CVE-2013-5636
|
2013-12-3 02:29 |
2013-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257630
|
- |
|
checkpoint
|
endpoint_security
|
Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to by…
|
CWE-255
Credentials Management
|
CVE-2013-5635
|
2013-12-3 01:20 |
2013-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
