|
258201
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors relate…
|
CWE-399
Resource Management Errors
|
CVE-2013-6655
|
2014-04-1 15:26 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258202
|
- |
|
google
|
chrome
|
The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting…
|
CWE-200
Information Exposure
|
CVE-2013-6656
|
2014-04-1 15:26 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258203
|
- |
|
google
|
chrome
|
core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6657
|
2014-04-1 15:26 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258204
|
- |
|
google
|
chrome
|
Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unsp…
|
CWE-399
Resource Management Errors
|
CVE-2013-6658
|
2014-04-1 15:26 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258205
|
- |
|
google
|
chrome
|
The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during ren…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6659
|
2014-04-1 15:26 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258206
|
- |
|
google
|
chrome
|
The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathna…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6660
|
2014-04-1 15:26 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258207
|
- |
|
google
|
chrome
|
Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknow…
|
NVD-CWE-noinfo
|
CVE-2013-6661
|
2014-04-1 15:26 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258208
|
- |
|
apache
ibm
|
geronimo
websphere_application_server
|
The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI…
|
CWE-94
Code Injection
|
CVE-2013-1777
|
2014-04-1 15:19 |
2013-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258209
|
- |
|
gnu
|
gnutls
|
GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restric…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5138
|
2014-04-1 14:44 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258210
|
- |
|
chainfire
|
supersu
|
The Chainfire SuperSU package before 1.69 for Android allows attackers to gain privileges via the (1) backtick or (2) $() type of shell metacharacters in the -c option to /system/xbin/su.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6775
|
2014-04-1 04:08 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
