258611
|
- |
|
owncloud
|
owncloud
|
ownCloud before 5.0.15 and 6.x before 6.0.2, when the file_external app is enabled, allows remote authenticated users to mount the local filesystem in the user's ownCloud via the mount configuration.
|
CWE-20
Improper Input Validation
|
CVE-2014-2585
|
2014-03-25 02:10 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258612
|
- |
|
owncloud
|
owncloud
|
Unspecified vulnerability in core/ajax/translations.php in ownCloud before 4.0.12 and 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: th…
|
NVD-CWE-noinfo
|
CVE-2013-0303
|
2014-03-25 01:38 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258613
|
- |
|
flowplayer
|
flowplayer_html5
|
Cross-site scripting (XSS) vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.3 allows remote attackers to inject arbitrary web script or HTML by using URL encoding…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7343
|
2014-03-25 00:16 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258614
|
- |
|
flowplayer
|
flowplayer_html5
|
Cross-site scripting (XSS) vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.1 allows remote attackers to inject arbitrary web script or HTML via the callback para…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7342
|
2014-03-25 00:14 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258615
|
- |
|
estrongs
|
es_file_explorer
|
Directory traversal vulnerability in the ES File Explorer File Manager application before 3.0.4 for Android allows remote attackers to overwrite or create arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2014-1970
|
2014-03-21 02:12 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258616
|
- |
|
estrongs
|
es_file_explorer
|
The EStrongs ES File Explorer application 1.6.0.2 through 1.6.1.1 for Android does not properly restrict access, which allows remote attackers to read arbitrary files via vectors involving an unspeci…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0322
|
2014-03-21 02:09 |
2012-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258617
|
- |
|
nttdocomo
|
spmode_mail_android
|
The NTT DOCOMO sp mode mail application 5900 through 6300 for Android 4.0.x and 6000 through 6620 for Android 4.1 through 4.4 allows remote attackers to execute arbitrary Java methods via Deco-mail e…
|
CWE-94
Code Injection
|
CVE-2014-1979
|
2014-03-21 01:36 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258618
|
- |
|
nttdocomo
|
spmode_mail_android
|
The NTT DOCOMO sp mode mail application 6300 and earlier for Android 4.0.x and 6700 and earlier for Android 4.1 through 4.4 uses weak permissions for attachments during processing of incoming e-mail …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1977
|
2014-03-21 01:03 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258619
|
- |
|
nttdocomo
|
spmode_mail_android
|
The application link interface in the NTT DOCOMO sp mode mail application 6100 through 6300 for Android 4.0.x and 6130 through 6700 for Android 4.1 through 4.4 writes message content to the SD card d…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1978
|
2014-03-21 01:02 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258620
|
- |
|
xnview
|
xnview
|
Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buf…
|
CWE-189
Numeric Errors
|
CVE-2013-3938
|
2014-03-19 22:59 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|