261601
|
- |
|
freetype
|
freetype
|
Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character (a…
|
NVD-CWE-noinfo
|
CVE-2010-3054
|
2012-12-19 13:30 |
2010-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261602
|
- |
|
naver
|
nhn_japan_naver_line
|
The NHN Japan NAVER LINE application before 2.5.5 for Android does not properly handle implicit intents, which allows remote attackers to obtain sensitive message information via a crafted applicatio…
|
CWE-200
Information Exposure
|
CVE-2012-4005
|
2012-12-18 14:00 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261603
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.9 and 4.5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) file name to apps/files_versions/js/ve…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5606
|
2012-12-18 14:00 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261604
|
- |
|
owncloud
|
owncloud
|
The "Lost Password" reset functionality in ownCloud before 4.0.9 and 4.5.0 does not properly check the security token, which allows remote attackers to change an accounts password via unspecified vec…
|
CWE-255
Credentials Management
|
CVE-2012-5607
|
2012-12-18 14:00 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261605
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in apps/user_webdavauth/settings.php in ownCloud 4.5.x before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via arbitrary POST paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5608
|
2012-12-18 14:00 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261606
|
- |
|
owncloud
|
owncloud
|
Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud before 4.0.9 and 4.5.x before 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a spe…
|
CWE-20
Improper Input Validation
|
CVE-2012-5610
|
2012-12-18 14:00 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261607
|
- |
|
owncloud
|
owncloud
|
Per: http://cwe.mitre.org/data/definitions/184.html 'CWE-184: Incomplete Blacklist'
|
CWE-20
Improper Input Validation
|
CVE-2012-5610
|
2012-12-18 14:00 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261608
|
- |
|
thinkshout
|
mandrill
|
The Mandrill module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users to obtain password reset links by reading the logs in the Mandrill dashboard.
|
CWE-200
Information Exposure
|
CVE-2012-5544
|
2012-12-17 14:00 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261609
|
- |
|
adobe
|
camera_raw
|
Buffer overflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5680
|
2012-12-17 14:00 |
2012-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261610
|
- |
|
egroupware
|
egroupware egroupware_enterprise_line
|
SQL injection vulnerability in phpgwapi/js/dhtmlxtree/samples/with_db/loaddetails.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.201108…
|
CWE-89
SQL Injection
|
CVE-2011-4949
|
2012-12-17 14:00 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|