|
259861
|
- |
|
digium
|
asterisk
certified_asterisk
|
The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1.8.17.x through 1.8.22.x, 1.8.23.x before 1.8.23.1, and 11.x before 11.5.1 and Certified Asterisk 1.8.15 before 1.8.15-cert3 and …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5641
|
2013-09-12 12:37 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259862
|
- |
|
digium
|
asterisk
asterisk_digiumphones
certified_asterisk
|
The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1.8.x before 1.8.23.1, 10.x before 10.12.3, and 11.x before 11.5.1; Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before …
|
CWE-20
Improper Input Validation
|
CVE-2013-5642
|
2013-09-12 12:37 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259863
|
- |
|
roundcube
|
webmail
|
Multiple cross-site scripting (XSS) vulnerabilities in Roundcube webmail before 0.9.3 allow user-assisted remote attackers to inject arbitrary web script or HTML via the body of a message visited in …
|
CWE-79
Cross-site Scripting
|
CVE-2013-5645
|
2013-09-12 12:37 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259864
|
- |
|
advanceprotech
|
advanceware
|
AdvancePro Advanceware allows remote authenticated users to obtain sensitive information about arbitrary customers' orders via a modified id parameter.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3596
|
2013-09-12 12:36 |
2013-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259865
|
- |
|
php
|
php
|
Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (applic…
|
CWE-189
Numeric Errors
|
CVE-2013-4635
|
2013-09-12 12:36 |
2013-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259866
|
- |
|
lockon
|
ec-cube
|
Multiple directory traversal vulnerabilities in the doApiAction function in data/class/api/SC_Api_Operation.php in LOCKON EC-CUBE 2.12.0 through 2.12.5 on Windows allow remote attackers to read arbit…
|
CWE-22
Path Traversal
|
CVE-2013-4702
|
2013-09-12 12:36 |
2013-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259867
|
- |
|
x
|
libxp
|
Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGe…
|
CWE-189
Numeric Errors
|
CVE-2013-2062
|
2013-09-12 12:34 |
2013-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259868
|
- |
|
gnome
|
gnome_display_manager
|
GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/.
|
CWE-59
Link Following
|
CVE-2013-4169
|
2013-09-12 10:06 |
2013-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259869
|
- |
|
fedoraproject
|
389_directory_server
|
ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attackers to cause a denial of service (server crash) via a crafted Distinguished Name (DN) in a MOD operation request.
|
CWE-20
Improper Input Validation
|
CVE-2013-4283
|
2013-09-11 23:13 |
2013-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259870
|
- |
|
ibm
|
db2
|
IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors.
|
NVD-CWE-noinfo
|
CVE-2009-3473
|
2013-09-11 14:59 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
