259961
|
- |
|
oracle
|
financial_services_software
|
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.3.0 through 5.3.4, 6.0.1, and 6.2.0 allows remote authenticated users to affec…
|
NVD-CWE-noinfo
|
CVE-2012-0541
|
2013-10-11 12:40 |
2012-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259962
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the Oracle Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confiden…
|
NVD-CWE-noinfo
|
CVE-2012-0552
|
2013-10-11 12:40 |
2012-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259963
|
- |
|
php
|
php
|
The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an…
|
CWE-20
Improper Input Validation
|
CVE-2011-1398
|
2013-10-11 12:34 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259964
|
- |
|
shibboleth
|
opensaml shibboleth-identity-provider
|
Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
|
CWE-287
Improper Authentication
|
CVE-2011-1411
|
2013-10-11 12:34 |
2011-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259965
|
- |
|
symantec
|
messaging_gateway
|
Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2012-3581
|
2013-10-11 05:48 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259966
|
- |
|
sebastien_corbin
|
make_meeting_scheduler_module
|
The Make Meeting Scheduler module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to bypass intended access restrictions for a poll via a direct request to the node's URL instead of the has…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4379
|
2013-10-11 05:41 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259967
|
- |
|
alienvault
|
open_source_security_information_management
|
Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the date_from par…
|
CWE-89
SQL Injection
|
CVE-2013-5967
|
2013-10-11 05:38 |
2013-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259968
|
- |
|
menalto
|
gallery
|
The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before 3.0.8 do not properly remove query parameters and fragments, which allows remote attackers to have an unspecified impact via a repla…
|
CWE-20
Improper Input Validation
|
CVE-2013-2138
|
2013-10-11 05:28 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259969
|
- |
|
menalto
|
gallery
|
lib/flowplayer.swf.php in Gallery 3 before 3.0.9 does not properly remove query fragments, which allows remote attackers to have an unspecified impact via a replay attack, a different vulnerability t…
|
NVD-CWE-noinfo
|
CVE-2013-2240
|
2013-10-11 05:27 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259970
|
- |
|
menalto
|
gallery
|
modules/gallery/helpers/data_rest.php in Gallery 3 before 3.0.9 allows remote attackers to bypass intended access restrictions and obtain sensitive information (image files) via the "full" string in …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2241
|
2013-10-11 05:26 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|