1167 matches found
CVE-2013-4299
Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device...
CVE-2013-4299
Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device...
CVE-2013-4299
Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device...
CVE-2013-4712
I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors...
Authentication flaw
The 1 REST and 2 memcache interfaces in the Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 do not require authentication, which allows remote attackers to obtain sensitive information or modify data via an API call...
CVE-2013-2351
Unspecified vulnerability in HP Network Node Manager i NNMi 9.00, 9.1x, and 9.2x allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors...
CVE-2013-2339
HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Client, t410 Smart Zero Client, t510 Flexible Thin Client, t5565z Smart Client, t610 Flexible Thin Client, and t610 PLUS Flexible Thin Client allows local users to obtain sensitive information, modify data, or cause a denial of...
Code injection
HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Client, t410 Smart Zero Client, t510 Flexible Thin Client, t5565z Smart Client, t610 Flexible Thin Client, and t610 PLUS Flexible Thin Client allows local users to obtain sensitive information, modify data, or cause a denial of...
WordPress Plugin Spiffy XSPF Player - 'playlist_id' SQL Injection
source: https://www.securityfocus.com/bid/58976/info Spiffy XSPF Player plug-in for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
PHP Address Book - addressbookregisteradmin_index.php?q SQL Injection
PHP Address Book - addressbookregisteradminindex.php?q SQL Injection source: https://www.securityfocus.com/bid/58911/info PHP Address Book is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input. A successful exploit may allow an attacker t...
Improper access control
The Engine in TIBCO Spotfire Web Player 3.3.x before 3.3.3, 4.0.x before 4.0.3, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 does not properly implement access control, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors...
CVE-2012-1999
Unspecified vulnerability in HP Systems Insight Manager SIM before 7.0 allows remote authenticated users to obtain sensitive information or modify data via unknown vectors...
CVE-2012-1998
Unspecified vulnerability in HP Systems Insight Manager SIM before 7.0 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-1997...
CVE-2012-1995
Unspecified vulnerability in HP Systems Insight Manager SIM before 7.0 allows local users to obtain sensitive information or modify data via unknown vectors...
CVE-2012-1996
Unspecified vulnerability in HP Systems Insight Manager SIM before 7.0 allows remote attackers to modify data via unknown vectors...
Code injection
Unspecified vulnerability in HP Systems Insight Manager SIM before 7.0 allows local users to obtain sensitive information or modify data via unknown vectors...
Code injection
Unspecified vulnerability in HP Systems Insight Manager SIM before 7.0 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-1998...
Code injection
Unspecified vulnerability in HP Systems Insight Manager SIM before 7.0 allows remote authenticated users to obtain sensitive information or modify data via unknown vectors...
CVE-2012-1995
Unspecified vulnerability in HP Systems Insight Manager SIM before 7.0 allows local users to obtain sensitive information or modify data via unknown vectors...
CVE-2012-1996
Unspecified vulnerability in HP Systems Insight Manager SIM before 7.0 allows remote attackers to modify data via unknown vectors...