WLB2

2015-03-27
High Risk

WordPress Aspose Cloud eBook Generator File Download

Ashiyane Digital...
2015-03-26
Medium Risk

Apache Xerces-C XML Parser Crashes on Malformed Input

(CVE)
Anton Rager and ...
High Risk

Aruba Remote Access Point (RAP) Command Injection

(CVE)
Aruba
Low Risk

CS-Cart 4.2.4 CSRF

(CVE)
Luis Santana
Medium Risk

pfSense 2.2 Cross Site Request Forgery / Cross Site Scripting

(CVE)
High-Tech Bridge...
Low Risk

Realms Wiki Insecure Transport

Javantea
Low Risk

WordPress Marketplace 2.4.0 Add Administrator

Claudio Viviani
Medium Risk

EMC Isilon OneFS Privilege Escalation

(CVE)
EMC
High Risk

Mini-Stream RM-MP3 Converter 2.7.3.700 Buffer Overflow

TUNISIAN CYBER
Medium Risk

WSO2 Identity Server 4.5.0 / 4.6.0 / 5.0.0 Bypass / Cross Site Scripting

Bartlomiej Balce...
High Risk

Mini-Stream Ripper 2.7.7.100 Buffer Overflow

TUNISIAN CYBER
Low Risk

Realms Wiki Cross Site Request Forgery

Javantea
2015-03-25
High Risk

Wordpress Theme Arbitrary File Download Vulnerability

Iran Cyber Secur...
Medium Risk

Microsoft Windows Local WebDAV NTLM Reflection Privilege Escalation

James Forshaw
Medium Risk

Joomla Spider Random Article SQL Injection

IndiShell Lab
Low Risk

Unasjee CMS Cross Site Request Forgery

KnocKout
Low Risk

Anchor CMS 0.9.2 Cross Site Scripting

JoeV
Medium Risk

Joomla Random Article SQL Injection

IndiShell Lab
Low Risk

Question2Answer 1.7 Cross Site Scripting

s0w
2015-03-24
Low Risk

Firefox Proxy Prototype Privileged Javascript Injection

(CVE)
joev
High Risk

Belkin Play N750 login.cgi Buffer Overflow

(CVE)
Michael
Low Risk

DokuWiki 2014-09-29c Cross Site Scripting

Filippo Cavallar...
Low Risk

ManageEngine Network Configuration Management CSRF

Kaustubh G. Padw...
High Risk

Powershell Remoting Remote Command Execution

(CVE)
Ben Campbell
Low Risk

Manage Engine Device Expert 5.9.9.0 Cross Site Scripting

Kaustubh G. Padw...
Medium Risk

openEMR 4.2.0 Cross Site Scripting / SQL Injection

Steffen R
Medium Risk

WordPress MP3-Jplayer 2.1 Local File Disclosure

KedAns-Dz
High Risk

WordPress InBoundio Marketing Shell Upload

KedAns-Dz
Medium Risk

WordPress AB Google Map Travel CSRF / XSS

Kaustubh G. Padw...
2015-03-22
Medium Risk

OpenSSL DoS tester now available (CVE-2015-0291)

(CVE)
mancha140
Medium Risk

PHP SoapClient's __call() type confusion through unserialize()

Andrea Palazzo
Low Risk

Kali Linux Man In The Middle

Kurt
Low Risk

The Palinopsia Bug Recovering framebuffers from VRAM

Bastian
High Risk

Apache Batik Information Disclosure Vulnerability (XXE Injection)

(CVE)
Timo Schmid
Low Risk

Cisco UCSM username and password hashes sent via SYSLOG

Tom Sellers
Last Update: 2015-03-26
2015-03-26
 
CVE-2015-0635
( 9/10 )
 
  Cisco IOS
The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) res...
 
CVE-2015-0636
( 7.8/10 )
 
  Cisco IOS
The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (disrupted domain access) via spoo...
 
CVE-2015-0637
( 7.8/10 )
 
  Cisco IOS
The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) via spoofed AN mes...
 
CVE-2015-0647
( 7.8/10 )
 
  Cisco IOS
Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) UDP packets, aka Bug ID CSCum98371.
 
CVE-2015-0648
( 7.8/10 )
 
  Cisco IOS
Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658.
2015-03-25
 
CVE-2014-9711
( 4.3/10 )
 
  Websense Triton ap web
Multiple cross-site scripting (XSS) vulnerabilities in the Investigative Reports in Websense TRITON AP-WEB before 8.0.0 and Web Security and Filter, Web Security Gateway, and Web Security Gateway Anywhere 7.8.3 before Hotfix 02 and 7.8.4 before Hotfi...
 
CVE-2015-0295
( 5/10 )
 
  Digia QT
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
 
CVE-2015-2701
( 6.8/10 )
 
  Cs-cart Cs-cart
Cross-site request forgery (CSRF) vulnerability in CS-Cart 4.2.4 allows remote attackers to hijack the authentication of users for requests that change a user password via a request to profiles-update/.
 
CVE-2015-2702
( 4.3/10 )
 
  Websense Triton ap data
Cross-site scripting (XSS) vulnerability in the Message Log in the Email Security Gateway in Websense TRITON AP-EMAIL before 8.0.0 and V-Series 7.7 appliances allows remote attackers to inject arbitrary web script or HTML via the sender address in an...
 
CVE-2015-2703
( 4.3/10 )
 
  Websense Triton ap web
Multiple cross-site scripting (XSS) vulnerabilities in Websense TRITON AP-WEB before 8.0.0 and V-Series 7.7 appliances allow remote attackers to inject arbitrary web script or HTML via the (1) ws-userip in the ws-encdata parameter to cve-bin/moreBloc...
2015-03-24
 
CVE-2014-6134
( 1.2/10 )
 
  IBM Installation manager
IBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, when Installation Manager before 1.8.2 is used, retains cleartext server passwords in process memory throughout the installation procedure, which might allow local users to obtain...
 
CVE-2015-0250
( 6.4/10 )
 
  Apache Batik
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
 
CVE-2015-0252
( 5/10 )
 
  Apache Xerces-c
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.
 
CVE-2015-0261
( 7.5/10 )
 
  Tcpdump Tcpdump
Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative len...
 
CVE-2015-0282
( 5/10 )
 
  GNU Gnutls
GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
 
CVE-2015-1388
( 7.2/10 )
 
  Arubanetworks Arubaos
The "RAP console" feature in ArubaOS 5.x through 6.2.x, 6.3.x before 6.3.1.15, and 6.4.x before 6.4.2.4 on Aruba access points in Remote Access Point (AP) mode allows remote attackers to execute arbitrary commands via unspecified vectors.
 
CVE-2015-2153
( 5/10 )
 
  Tcpdump Tcpdump
The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit ...
 
CVE-2015-2154
( 5/10 )
 
  Tcpdump Tcpdump
The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum val...
 
CVE-2015-2155
( 7.5/10 )
 
  Tcpdump Tcpdump
The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
 
CVE-2015-2265
( 7.5/10 )
 
  Linuxfoundation Cups-filters
The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote IPP printers to execute arbitrary commands via consecutive shell metacharacters in the (1) model or (2) PDL. NOTE: this vulnerability exists because of ...
Copyright 2015, cxsecurity.com