|
259141
|
- |
|
openssl
|
openssl
|
OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate…
|
CWE-399
Resource Management Errors
|
CVE-2011-4577
|
2014-03-26 13:25 |
2012-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259142
|
- |
|
openssl
|
openssl
|
crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value co…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3207
|
2014-03-26 13:22 |
2011-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259143
|
- |
|
openssl
|
openssl
|
The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows r…
|
CWE-399
Resource Management Errors
|
CVE-2011-3210
|
2014-03-26 13:22 |
2011-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259144
|
- |
|
marekkis
|
watermark
|
Cross-site scripting (XSS) vulnerability in the Marekkis Watermark plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pfad parameter to wp-admin/options…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1758
|
2014-03-26 09:54 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259145
|
- |
|
proxmox
|
mail_gateway
|
Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway before 3.1-5829 allow remote attackers to inject arbitrary web script or HTML via the (1) state parameter to objects/who/in…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2325
|
2014-03-26 09:42 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259146
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in settings.php in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allows remote administrators to inject arbitrary web script or HTML via the group input field…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0307
|
2014-03-26 09:41 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259147
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x before 4.5.7 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted iCalendar file to the calendar appli…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0298
|
2014-03-26 09:40 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259148
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) site_…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0297
|
2014-03-26 09:39 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259149
|
- |
|
owncloud
|
owncloud
|
Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.13 and 4.5.x before 4.5.8, when the user_migrate application is enabled, allows remote authenticated users to import arbit…
|
NVD-CWE-Other
|
CVE-2013-1851
|
2014-03-26 09:23 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259150
|
- |
|
owncloud
|
owncloud
|
Per: https://cwe.mitre.org/data/definitions/184.html
"CWE-184: Incomplete Blacklist"
|
NVD-CWE-Other
|
CVE-2013-1851
|
2014-03-26 09:23 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
