258641
|
- |
|
brocade
|
adx bigiron_rx fastiron icx mlx netiron_cer netiron_ces netiron_xmr turboiron vdx vyatta
|
The OSPF implementation on Brocade routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA databa…
|
CWE-20
Improper Input Validation
|
CVE-2013-7306
|
2014-01-24 04:09 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258642
|
- |
|
redhat
|
cloudforms cloudforms_3.0_management_engine
|
CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site request forgery (CSRF) attacks via a destruct…
|
CWE-352
Origin Validation Error
|
CVE-2013-6443
|
2014-01-24 03:18 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258643
|
- |
|
redhat
|
jboss_seam_2_framework
|
The InterfaceGenerator handler in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allows remote attackers to bypass the WebRemote annotation restr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6448
|
2014-01-24 03:17 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258644
|
- |
|
redhat
|
jboss_seam_2_framework
|
Multiple XML External Entity (XXE) vulnerabilities in the (1) ExecutionHandler, (2) PollHandler, and (3) SubscriptionHandler classes in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier…
|
CWE-200
Information Exposure
|
CVE-2013-6447
|
2014-01-24 03:16 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258645
|
- |
|
lockon
|
ec-cube
|
data/class/pages/shopping/LC_Page_Shopping_Deliv.php in LOCKON EC-CUBE 2.4.4 and earlier, and 2.11.0 through 2.12.2, allows remote attackers to modify data via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-0807
|
2014-01-24 03:10 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258646
|
- |
|
augeas
|
augeas
|
The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6412
|
2014-01-24 02:55 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258647
|
- |
|
e107
|
e107
|
fpw.php in e107 through 1.0.4 does not check the user_ban field, which makes it easier for remote attackers to reset passwords by sending a pwsubmit request and leveraging access to the e-mail accoun…
|
CWE-255
Credentials Management
|
CVE-2013-7305
|
2014-01-24 01:38 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258648
|
- |
|
e107
|
e107
|
Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the query string.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2750
|
2014-01-24 01:21 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258649
|
- |
|
littlecms
|
little_cms_color_engine
|
Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) c…
|
NVD-CWE-Other
|
CVE-2013-4160
|
2014-01-23 07:42 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258650
|
- |
|
littlecms
|
little_cms_color_engine
|
Per: http://cwe.mitre.org/data/definitions/476.html "CWE-476: NULL Pointer Dereference"
|
NVD-CWE-Other
|
CVE-2013-4160
|
2014-01-23 07:42 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|