| Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... | Result(s) : 59403 |
Alerts
| Date | Name | Categories | Detail | |
|---|---|---|---|---|
| 6.8 | 2013-12-09 | CVE-2013-5355 | cve | Multiple cross-site request forgery (CSRF) vulnerabilities in Sharetronix 3.1.1 allow remote attackers to hijack the authentication of administrators for requests that (1) chang... |
| 7.5 | 2013-12-09 | CVE-2013-5354 | cve | Multiple SQL injection vulnerabilities in Sharetronix 3.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) fb_user_id or (2) tw_user_id parameter to signup. |
| 7.2 | 2013-12-09 | CVE-2013-4400 | cve | virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-lin... |
| 7.5 | 2013-12-09 | CVE-2013-4376 | cve | The setgid wrapper libx2go-server-db-sqlite3-wrapper.c in X2Go Server before 4.0.0.2 allows remote attackers to execute arbitrary code via unspecified vectors, relate to the pat... |
| N/A | 2013-12-09 | CVE-2013-4270 | cve | The net_ctl_permissions function in net/sysctl_net.c in the Linux kernel before 3.11.5 does not properly determine uid and gid values, which allows local users to bypass intende... |
| N/A | 2013-12-09 | CVE-2013-3929 | cve | Cross-site scripting (XSS) vulnerability in admin/editevent.php in CMS Made Simple (CMSMS) 1.11.9 allows remote authenticated users with the "Modify Events" permission to inject... |
| N/A | 2013-12-09 | CVE-2013-2930 | cve | The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows loc... |
| N/A | 2013-12-09 | CVE-2013-2929 | cve | The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information f... |
| 6.8 | 2013-12-09 | CVE-2013-1953 | cve | Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to cause have an unspecified impact via a small value in... |
| 7.5 | 2013-12-09 | CVE-2013-1349 | cve | Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter. |
| 7.5 | 2013-12-09 | CVE-2011-4351 | cve | Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute arbitrary code via unspecified vectors. |
| 6.8 | 2013-12-09 | CVE-2011-3950 | cve | The dirac_decode_data_unit function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via a crafted value in the reference pic... |
| 6.8 | 2013-12-09 | CVE-2011-3949 | cve | The dirac_unpack_idwt_params function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Dirac data. |
| 6.8 | 2013-12-09 | CVE-2011-3946 | cve | The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Supplemental enhancement informa... |
| 6.8 | 2013-12-09 | CVE-2011-3944 | cve | The smacker_decode_header_tree function in libavcodec/smacker.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Smacker data. |
| 7.5 | 2013-12-09 | CVE-2011-3941 | cve | The decode_mb function in libavcodec/error_resilience.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to an uninitialized block... |
| 6.8 | 2013-12-09 | CVE-2011-3935 | cve | The codec_get_buffer function in ffmpeg.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to a crafted image size. |
| 6.8 | 2013-12-09 | CVE-2011-3934 | cve | Double free vulnerability in the vp3_update_thread_context function in libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted v... |
| N/A | 2013-12-08 | CVE-2013-6406 | cve | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-6858. Reason: This candidate is a reservation duplicate of CVE-2013-6858. Notes: All CVE users should ref... |
| N/A | 2013-12-07 | CVE-2013-7001 | cve | MMS Gateway before 2013.11.15 allows remote attackers to cause a denial of service via a malformed MM1 message that is routed to a (1) MM4 or (2) MM7 connection. |
| Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... | Result(s) : 59403 |
