Bugtraq
2014-09-20
Medium Risk

ArticleFR 11.06.2014 (data.php) - Privilege Escalation

(CVE)
High-Tech Bridge...
Low Risk

Feng Office Cross Site Scripting

(CVE)
Provensec
Low Risk

Ganeti Insecure Archive Permission

(CVE)
Helga Velroyen
Low Risk

ntopng 1.2.0 Cross Site Scripting

(CVE)
Steffen Bauch
High Risk

PhpWiki Ploticus Command Injection

(CVE)
Benjamin Harris
Medium Risk

ace /tmp file vulnerability

(CVE)
Helmut
High Risk

Plogger Authenticated Arbitrary File Upload

(CVE)
b0z
Low Risk

MailEnable Enterprise 6.5 XSS

(CVE)
loneferret
High Risk

GetSimpleCMS PHP File Upload

Ahmed
Low Risk

Nokia Asha 501 Lock Bypass

Hammad Shamsi
Low Risk

M/Monit 3.2.2 Cross Site Request Forgery

(CVE)
Dolev Farhi
2014-09-19
Low Risk

Netgear Download Center Cross Site Scripting / Open Redirect

Claudio Viviani
High Risk

Apple Foundation NSXMLParser XML eXternal Entity (XXE)

(CVE)
George D. Gal
Low Risk

WatchGuard XTM 11.8.3 Cross Site Scripting

William
Low Risk

Oracle MyOracle Filter Bypass

Vulnerability La...
2014-09-18
Low Risk

Nokia Asha Lock Code Bypass

Muhammad Shahmee...
Medium Risk

webEdition 6.3.8.0 Path Traversal

(CVE)
High-Tech Bridge...
Medium Risk

seafile-server 3.1.5 Denial Of Service

retset
Low Risk

MODX Revolution 2.3.1-pl Cross Site Scripting

(CVE)
High-Tech Bridge...
Low Risk

Livefyre LiveComments 3.0 Cross Site Scripting

Brij Kishore Mis...
Low Risk

OsClass 3.4.1 Cross Site Scripting

(CVE)
Omar Kurt
Medium Risk

OsClass 3.4.1 Local File Inclusion

(CVE)
Omar Kurt
Low Risk

WordPress WP-Ban 1.62 Bypass

(CVE)
Tom Adams
Medium Risk

ClassApps SelectSurvey.net 4.124.004 SQL Injection

(CVE)
Anonymous
Medium Risk

WordPress Login Widget With Shortcode 3.1.1 CSRF / XSS

Tom Adams
Low Risk

MIUI Wifi Connection Message Wireless Enable

nipc
Low Risk

MIUI Torch Enable

nipc
Low Risk

Android Bluetooth Enable

nipc
2014-09-17
High Risk

Phpwiki Ploticus Remote Code Execution

(CVE)
us3r777
Low Risk

CM Browser SOP Bypass

Rafay Baloch
Medium Risk

OSSEC 2.8 umask Clear Text Passwords

aramosf
Medium Risk

Cart Engine 3.0 XSS / Open Redirect / SQL Injection

Pietro Minniti
Low Risk

In-Portal CMS 5.2.0 Cross Site Scripting

MustLive
High Risk

Delphi And C++ Builder VCL Library Heap Buffer Overflow

(CVE)
Core
Medium Risk

Laravel 2.1 Hash::make() bcrypt Truncation

u0x

CVEMAP.ORG
Last Update: 2014-09-20
2014-09-19
 
CVE-2006-1318
( 9.3/10 )
 
  Microsoft Office
Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, ...
 
CVE-2014-1391
( 6.8/10 )
 
  Apple Mac os x
QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file with RLE encoding.
 
CVE-2014-4350
( 6.8/10 )
 
  Apple Mac os x
Buffer overflow in QT Media Foundation in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIDI file.
 
CVE-2014-4376
( 10/10 )
 
  Apple Mac os x
IOKit in IOAcceleratorFamily in Apple OS X before 10.9.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted API arguments.
 
CVE-2014-4390
( 9.3/10 )
 
  Apple Mac os x
Bluetooth in Apple OS X before 10.9.5 does not properly validate API calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
 
CVE-2014-4393
( 10/10 )
 
  Apple Mac os x
Buffer overflow in the shader compiler in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GLSL shader.
 
CVE-2014-4394
( 6.9/10 )
 
  Apple Mac os x
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application,...
 
CVE-2014-4395
( 6.9/10 )
 
  Apple Mac os x
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application,...
 
CVE-2014-4396
( 6.9/10 )
 
  Apple Mac os x
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application,...
 
CVE-2014-4397
( 6.9/10 )
 
  Apple Mac os x
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application,...
 
CVE-2014-4398
( 6.9/10 )
 
  Apple Mac os x
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application,...
 
CVE-2014-4399
( 6.9/10 )
 
  Apple Mac os x
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application,...
 
CVE-2014-4400
( 6.9/10 )
 
  Apple Mac os x
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application,...
 
CVE-2014-4401
( 6.9/10 )
 
  Apple Mac os x
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application,...
 
CVE-2014-4402
( 9.3/10 )
 
  Apple Mac os x
An unspecified IOAcceleratorFamily function in Apple OS X before 10.9.5 lacks proper bounds checking on read operations, which allows attackers to execute arbitrary code in a privileged context via a crafted application.
 
CVE-2014-4403
( 2.1/10 )
 
  Apple Mac os x
The kernel in Apple OS X before 10.9.5 allows local users to obtain sensitive address information and bypass the ASLR protection mechanism by leveraging predictability of the location of the CPU Global Descriptor Table.
 
CVE-2014-4406
( 4.3/10 )
 
  Apple Os x server
Cross-site scripting (XSS) vulnerability in Xcode Server in CoreCollaboration in Apple OS X Server before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
 
CVE-2014-4416
( 6.9/10 )
 
  Apple Mac os x
An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application,...
 
CVE-2014-4424
( 7.5/10 )
 
  Apple Os x server
SQL injection vulnerability in Wiki Server in CoreCollaboration in Apple OS X Server before 2.2.3 and 3.x before 3.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
 
CVE-2012-2588
( 4.3/10 )
 
  Mailenable Mailenable
Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Enterprise 6.5 allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, or (3) Subject header or (4) body in an SMTP e-mail message.




 
Copyright 2014, cxsecurity.com