CVE-2013-2140

The dispatchdiscardio function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service data loss via filesystem write operations on a read-only disk that supports the 1 BLKIFOPDISCARD aka discard...

Design/Logic Flaw

The dispatchdiscardio function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service data loss via filesystem write operations on a read-only disk that supports the 1 BLKIFOPDISCARD aka discard...

CVE-2013-2140

The dispatchdiscardio function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service data loss via filesystem write operations on a read-only disk that supports the 1 BLKIFOPDISCARD aka discard...

CVE-2013-5724

Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files, which allows local users to modify the file contents via standard filesystem write operations...

WordPress Google Document Embedder Arbitrary File Disclosure

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rbmysql' class Metasploit3 'WordPress Plugin...

WordPress Plugin Google Document Embedder Arbitrary File Disclosure

This Metasploit module exploits an arbitrary file disclosure flaw in the WordPress blogging software plugin known as Google Document Embedder. The vulnerability allows for database credential disclosure via the /libs/pdf.php script. The Google Document Embedder plug-in versions 2.4.6 and below ar...

WordPress Plugin Google Document Embedder Arbitrary File Disclosure

This module exploits an arbitrary file disclosure flaw in the WordPress blogging software plugin known as Google Document Embedder. The vulnerability allows for database credential disclosure via the /libs/pdf.php script. The Google Document Embedder plug-in versions 2.4.6 and below are vulnerabl...

Design/Logic Flaw

HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit PDK applications, which allows local users to gain privileges by leveraging unintended filesystem write access...

CVE-2011-1738

HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit PDK applications, which allows local users to gain privileges by leveraging unintended filesystem write access...

CVE-2011-1738

HP Palm webOS 1.4.5 and 1.4.5.1 are affected by CVE-2011-1738 due to improper restriction of Plug-in Development Kit (PDK) applications, enabling local privilege escalation via unintended filesystem write access. The root cause is insufficient access controls on PDK apps, allowing local users to ...

CVE-2006-5862

Directory traversal vulnerability in the session mechanism of the web interface for Network Administration Visualized NAV before 3.1.1 allows attackers with filesystem write access to have an unknown impact via unknown attack vectors...