|
260961
|
- |
|
apple
|
quicktime
mac_os_x
|
The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application…
|
NVD-CWE-Other
|
CVE-2007-0588
|
2013-08-15 14:21 |
2007-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260962
|
- |
|
phpfox
|
phpfox
|
SQL injection vulnerability in PHPFox before 3.6.0 (build6) allows remote attackers to execute arbitrary SQL commands via the search[sort_by] parameter to user/browse/view_/.
|
CWE-89
SQL Injection
|
CVE-2013-5121
|
2013-08-15 02:52 |
2013-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260963
|
- |
|
phpfox
|
phpfox
|
SQL injection vulnerability in PHPFox before 3.6.0 (build4) allows remote attackers to execute arbitrary SQL commands via the search[gender] parameter to user/browse/view_/.
|
CWE-89
SQL Injection
|
CVE-2013-5120
|
2013-08-15 02:31 |
2013-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260964
|
- |
|
libraw
|
libraw
|
Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vec…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2127
|
2013-08-15 02:14 |
2013-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260965
|
- |
|
siemens
|
comos
|
The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation restrict…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4943
|
2013-08-14 04:50 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260966
|
- |
|
cotonti
|
cotonti_siena
|
SQL injection vulnerability in modules/rss/rss.php in Cotonti before 0.9.14 allows remote attackers to execute arbitrary SQL commands via the "c" parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2013-4789
|
2013-08-14 03:45 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260967
|
- |
|
ioserver
|
ioserver
|
The master-station DNP3 driver before driver19.exe, and Beta2041.exe, in IOServer allows remote attackers to cause a denial of service (infinite loop) via crafted DNP3 packets to TCP port 20000.
|
CWE-20
Improper Input Validation
|
CVE-2013-2790
|
2013-08-14 03:39 |
2013-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260968
|
- |
|
wordpress
|
wordpress
|
The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet servers via unspecified vectors, related to a Server-Side Request Forgery (SSRF) issue, a similar vuln…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2199
|
2013-08-14 02:21 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260969
|
- |
|
wordpress
|
wordpress
|
WordPress before 3.5.2 does not properly check the capabilities of roles, which allows remote authenticated users to bypass intended restrictions on publishing and authorship reassignment via unspeci…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2200
|
2013-08-14 02:21 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260970
|
- |
|
tinymce
wordpress
|
media
wordpress
|
moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media plugin in WordPress before 3.5.2 and other products, does not consider the presence of a # (pound sign) character during extracti…
|
CWE-20
Improper Input Validation
|
CVE-2013-2204
|
2013-08-14 02:21 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
