|
289861
|
- |
|
github
|
hub
|
The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.
|
CWE-310
Cryptographic Issues
|
CVE-2014-0177
|
2024-11-21 11:01 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289862
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in the URL downloader repository in repository/url/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows re…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0218
|
2024-11-21 11:01 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289863
|
- |
|
moodle
|
moodle
|
enrol/index.php in Moodle 2.6.x before 2.6.3 does not check for the moodle/course:viewhiddencourses capability before listing hidden courses, which allows remote attackers to obtain sensitive name an…
|
CWE-200
Information Exposure
|
CVE-2014-0217
|
2024-11-21 11:01 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289864
|
- |
|
moodle
|
moodle
|
The My Home implementation in the block_html_pluginfile function in blocks/html/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 does not properly res…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0216
|
2024-11-21 11:01 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289865
|
- |
|
moodle
|
moodle
|
The blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by (1) …
|
CWE-200
Information Exposure
|
CVE-2014-0215
|
2024-11-21 11:01 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289866
|
- |
|
moodle
|
moodle
|
login/token.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 creates a MoodleMobile web-service token with an infinite lifetime, which makes it easier for…
|
CWE-287
Improper Authentication
|
CVE-2014-0214
|
2024-11-21 11:01 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289867
|
- |
|
moodle
|
moodle
|
Multiple cross-site request forgery (CSRF) vulnerabilities in mod/assign/locallib.php in the Assignment subsystem in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2…
|
CWE-352
Origin Validation Error
|
CVE-2014-0213
|
2024-11-21 11:01 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289868
|
- |
|
pocoo
|
jinja2
|
FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by pre-creating a temporary directory with a user's uid. NOTE: thi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0012
|
2024-11-21 11:01 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289869
|
- |
|
canonical
x
|
ubuntu_linux
libxfont
|
Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to…
|
CWE-189
Numeric Errors
|
CVE-2014-0211
|
2024-11-21 11:01 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289870
|
- |
|
x
canonical
|
libxfont
ubuntu_linux
|
Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_set…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0210
|
2024-11-21 11:01 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
