|
258651
|
- |
|
roundcube
|
webmail
|
Absolute path traversal vulnerability in steps/mail/sendmail.inc in Roundcube Webmail before 0.7.3 and 0.8.x before 0.8.6 allows remote attackers to read arbitrary files via a full pathname in the _v…
|
CWE-22
Path Traversal
|
CVE-2013-1904
|
2014-02-11 00:44 |
2014-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258652
|
- |
|
gajim
|
gajim
|
The _ssl_verify_callback function in tls_nb.py in Gajim before 0.15.3 does not properly verify SSL certificates, which allows remote attackers to conduct man-in-the-middle (MITM) attacks and spoof se…
|
CWE-20
Improper Input Validation
|
CVE-2012-5524
|
2014-02-11 00:16 |
2014-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258653
|
- |
|
libcap
|
libcap
|
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4099
|
2014-02-11 00:09 |
2014-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258654
|
- |
|
gnu
opensuse
|
cpio
opensuse
|
cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive.
|
CWE-59
Link Following
|
CVE-2010-4226
|
2014-02-8 05:57 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258655
|
- |
|
opera
|
opera_browser
|
Opera before 19 on Mac OS X allows user-assisted remote attackers to spoof the address bar via vectors involving a drag-and-drop operation.
|
NVD-CWE-noinfo
|
CVE-2014-1870
|
2014-02-8 03:14 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258656
|
- |
|
gpsd_project
canonical
|
gpsd
ubuntu_linux
|
The NMEA0183 driver in gpsd before 3.9 allows remote attackers to cause a denial of service (daemon termination) and possibly execute arbitrary code via a GPS packet with a malformed $GPGGA interpret…
|
CWE-20
Improper Input Validation
|
CVE-2013-2038
|
2014-02-8 00:24 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258657
|
- |
|
oracle
|
e-business_suite
|
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, and 12.2.2 allows remote authenticated users to affect confidentiality v…
|
NVD-CWE-noinfo
|
CVE-2014-0366
|
2014-02-7 13:51 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258658
|
- |
|
oracle
|
hyperion
|
Unspecified vulnerability in the Hyperion Essbase Administration Services component in Oracle Hyperion 11.1.2.1, 11.1.2.2, and 11.1.2.3 allows remote authenticated users to affect confidentiality and…
|
NVD-CWE-noinfo
|
CVE-2014-0367
|
2014-02-7 13:51 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258659
|
- |
|
oracle
|
siebel_crm
|
Unspecified vulnerability in the Siebel Life Sciences component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect availability via unknown vectors related to Clinical T…
|
NVD-CWE-noinfo
|
CVE-2014-0370
|
2014-02-7 13:51 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258660
|
- |
|
oracle
|
supply_chain_products_suite
supply_chain_products_suite_sql-server
|
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0.x, 7.3.1.x, 12.2.0, 12.2.1, and 12.2.2 allows remote authe…
|
NVD-CWE-noinfo
|
CVE-2014-0371
|
2014-02-7 13:51 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
