|
259651
|
- |
|
lockon
|
ec-cube
|
data/class/pages/shopping/LC_Page_Shopping_Deliv.php in LOCKON EC-CUBE 2.4.4 and earlier, and 2.11.0 through 2.12.2, allows remote attackers to modify data via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-0807
|
2014-01-24 03:10 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259652
|
- |
|
augeas
|
augeas
|
The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6412
|
2014-01-24 02:55 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259653
|
- |
|
e107
|
e107
|
fpw.php in e107 through 1.0.4 does not check the user_ban field, which makes it easier for remote attackers to reset passwords by sending a pwsubmit request and leveraging access to the e-mail accoun…
|
CWE-255
Credentials Management
|
CVE-2013-7305
|
2014-01-24 01:38 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259654
|
- |
|
e107
|
e107
|
Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the query string.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2750
|
2014-01-24 01:21 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259655
|
- |
|
littlecms
|
little_cms_color_engine
|
Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) c…
|
NVD-CWE-Other
|
CVE-2013-4160
|
2014-01-23 07:42 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259656
|
- |
|
littlecms
|
little_cms_color_engine
|
Per: http://cwe.mitre.org/data/definitions/476.html "CWE-476: NULL Pointer Dereference"
|
NVD-CWE-Other
|
CVE-2013-4160
|
2014-01-23 07:42 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259657
|
- |
|
simon_mcvittie
|
telepathy_gabble
|
A certain hashing algorithm in Telepathy Gabble 0.16.x before 0.16.5 and 0.17.x before 0.17.3 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted m…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1769
|
2014-01-23 05:50 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259658
|
- |
|
kernel
|
util-linux
|
(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line …
|
CWE-200
Information Exposure
|
CVE-2013-0157
|
2014-01-23 05:26 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259659
|
- |
|
seagate
|
blackarmor_nas_220_firmware
blackarmor_nas_220
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrato…
|
CWE-352
Origin Validation Error
|
CVE-2013-6922
|
2014-01-23 04:49 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259660
|
- |
|
hexagon
|
erdas_er_viewer
|
Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of s…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3482
|
2014-01-22 06:14 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
