|
292921
|
- |
|
extended_module_player_project
|
extended_module_player
|
Buffer overflow in the get_dsmp function in loaders/masi_load.c in libxmp before 4.1.0 allows remote attackers to execute arbitrary code via a crafted MASI file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1980
|
2024-11-21 10:50 |
2014-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292922
|
- |
|
apache
|
wicket
|
Unspecified vulnerability in Apache Wicket 1.4.x before 1.4.23, 1.5.x before 1.5.11, and 6.x before 6.8.0 allows remote attackers to obtain sensitive information via vectors that cause raw HTML templ…
|
NVD-CWE-noinfo
|
CVE-2013-2055
|
2024-11-21 10:50 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292923
|
- |
|
roundcube
|
webmail
|
Absolute path traversal vulnerability in steps/mail/sendmail.inc in Roundcube Webmail before 0.7.3 and 0.8.x before 0.8.6 allows remote attackers to read arbitrary files via a full pathname in the _v…
|
CWE-22
Path Traversal
|
CVE-2013-1904
|
2024-11-21 10:50 |
2014-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292924
|
- |
|
gpsd_project
canonical
|
gpsd
ubuntu_linux
|
The NMEA0183 driver in gpsd before 3.9 allows remote attackers to cause a denial of service (daemon termination) and possibly execute arbitrary code via a GPS packet with a malformed $GPGGA interpret…
|
CWE-20
Improper Input Validation
|
CVE-2013-2038
|
2024-11-21 10:50 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292925
|
- |
|
kde
|
kdelibs
|
kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials via a crafted request that triggers an "internal server error," which includes the username and pa…
|
CWE-200
Information Exposure
|
CVE-2013-2074
|
2024-11-21 10:50 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292926
|
- |
|
apache
|
activemq
|
Cross-site scripting (XSS) vulnerability in the Portfolio publisher servlet in the demo web application in Apache ActiveMQ before 5.9.0 allows remote attackers to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2013-1880
|
2024-11-21 10:50 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292927
|
- |
|
mediaelementjs
owncloud
|
mediaelement.js
owncloud
|
Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2, as used in ownCloud Server 5.0.x before 5.0.5 and 4.5.x before 4.5.10, allows remote attackers to i…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1967
|
2024-11-21 10:50 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292928
|
- |
|
kolja_schleich
|
leaguemanager
|
SQL injection vulnerability in leaguemanager.php in the LeagueManager plugin before 3.8.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the league_id parameter in the le…
|
CWE-89
SQL Injection
|
CVE-2013-1852
|
2024-11-21 10:50 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292929
|
- |
|
almanah_project
|
almanah
|
Almanah Diary 0.9.0 and 0.10.0 does not encrypt the database when closed, which allows local users to obtain sensitive information by reading the database.
|
CWE-310
Cryptographic Issues
|
CVE-2013-1853
|
2024-11-21 10:50 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292930
|
- |
|
redhat
|
dogtag_certificate_system
certificate_system
|
Format string vulnerability in the token processing system (pki-tps) in Red Hat Certificate System (RHCS) 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to caus…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2013-1886
|
2024-11-21 10:50 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
