259101
|
- |
|
simon_mcvittie
|
telepathy_gabble
|
A certain hashing algorithm in Telepathy Gabble 0.16.x before 0.16.5 and 0.17.x before 0.17.3 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted m…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1769
|
2014-01-23 05:50 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259102
|
- |
|
kernel
|
util-linux
|
(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line …
|
CWE-200
Information Exposure
|
CVE-2013-0157
|
2014-01-23 05:26 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259103
|
- |
|
seagate
|
blackarmor_nas_220_firmware blackarmor_nas_220
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrato…
|
CWE-352
Origin Validation Error
|
CVE-2013-6922
|
2014-01-23 04:49 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259104
|
- |
|
hexagon
|
erdas_er_viewer
|
Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of s…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3482
|
2014-01-22 06:14 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259105
|
- |
|
hexagon
|
erdas_er_viewer
|
Stack-based buffer overflow in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3483
|
2014-01-22 06:12 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259106
|
- |
|
libimobiledevice
|
libimobiledevice
|
userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.…
|
CWE-59
Link Following
|
CVE-2013-2142
|
2014-01-22 05:54 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259107
|
- |
|
wordpress
|
wordpress
|
wp-admin/press-this.php in WordPress before 3.0.6 does not enforce the publish_posts capability requirement, which allows remote authenticated users to perform publish actions by leveraging the Contr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5270
|
2014-01-22 02:31 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259108
|
- |
|
wordpress
|
wordpress
|
WordPress before 3.0.1, when a Multisite installation is used, permanently retains the "site administrators can add users" option once changed, which might allow remote authenticated administrators t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5297
|
2014-01-22 02:28 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259109
|
- |
|
wordpress
|
wordpress
|
wp-includes/capabilities.php in WordPress before 3.0.2, when a Multisite configuration is used, does not require the Super Admin role for the delete_users capability, which allows remote authenticate…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5296
|
2014-01-22 02:20 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259110
|
- |
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers to inject arbitrary web script or HTML via a plugin's author field, which is no…
|
CWE-79
Cross-site Scripting
|
CVE-2010-5295
|
2014-01-22 02:19 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|