Search:
WLB2

[ Bugs ]   [ Exploits ]
WLB2RSS Bugtraq WLB2RSS
[ Bogus ]   [ Tricks ]
2015-01-25
Low Risk

SWFupload 2.5.0 - Cross Frame Scripting (XFS) Vulnerability

Vulnerability La...
2015-01-24
High Risk

Cisco Ironport Appliances Privilege Escalation Vulnerability

Glafkos Charalam...
High Risk

Cisco Ironport Appliances Privilege Escalation Vulnerability Exploit

Glafkos Charalam...
Low Risk

SmartCMS 2 Cross Site Scripting

(CVE)
Wang Jing
Medium Risk

SmartCMS 2 SQL Injection

(CVE)
Wang Jing
Medium Risk

ferretCMS 1.0.4-alpha Cross Site Scripting / SQL Injection

Steffen R
2015-01-23
High Risk

libpng 1.6.15 Heap Overflow

(CVE)
Alex Eubanks
Medium Risk

USAA Mobile App Information Disclosure

David Longenecke...
High Risk

Program-O 2.4.6 XSS / LFI / HTTP Response Splitting

Vulnerability La...
Medium Risk

ecommerceMajor SQL Injection

Manish Kishan Ta...
Medium Risk

Alibaba Cross Site Scripting / Open Redirect

Wang Jing
2015-01-22
Low Risk

Jenkins Tomcat Secure and HttpOnly flags are not set for cookies

(CVE)
Yann Rouillard
Medium Risk

OS X 10.10 IOKit IntelAccelerator NULL Pointer Dereference

Google Security ...
High Risk

Exif Pilot 4.7.2 Buffer Overflow

Osanda M. Jayath...
Medium Risk

Mangallam SQL Injection

Ashiyane Digital...
High Risk

articleFR CMS 3.0.5 Arbitrary File Upload

Tran Dinh Tien
Medium Risk

RedaxScript 2.1.0 Privilege Escalation

shyamkumar soman...
Medium Risk

Google Drive Information Leak

kevin mcsheehan
High Risk

CAS Server 3.5.2 LDAP Authentication Bypass

(CVE)
Jose Tozo
2015-01-21
High Risk

LizardSquad DDoS Stresser Multiple Vulnerabilities

Vulnerability La...
High Risk

iExplorer 3.6.3 DLL Hijacking Exploit itunesmobiledevice.dll

(CVE)
Vulnerability La...
High Risk

PhotoSync v1.1.3 Android - Command Inject Vulnerability

Vulnerability La...
High Risk

OS X networkd "effective_audit_token" XPC Type Confusion Sandbox Escape

Google Security ...
Medium Risk

OS X 10.9.5 IOKit IntelAccelerator NULL Pointer Dereference

Google Security ...
Medium Risk

YourMembers Blind SQL Injection

(CVE)
Tien Tran Dinh
Medium Risk

ManageEngine Support Center Plus 7916 Directory Traversal

(CVE)
xistence
2015-01-20
Medium Risk

WP eCommerce 3.9.1 plugin XSS & CSRF Web Vulnerability

Neo Hapsis aka 0...
Medium Risk

Invem CMS Admin Bypass Vulnerability

Ashiyane Digital...
High Risk

N-Central Remote Support Manager 14.2.7.171 File Read / Code Execution

Thomas Hibbert
High Risk

VLC Player 2.1.5 Write Access / DEP Access Violation

(CVE)
Veysel HATAS
Medium Risk

McAfee Advanced Threat Defense Sandbox Fingerprinting / Bypass

David Coomber
Low Risk

Kiwix Cross Site Scripting

(CVE)
Emmanuel Engelha...
High Risk

ManageEngine Multiple Products Authenticated File Upload

(CVE)
Pedro
High Risk

Samsung SmartViewer BackupToAvi 3.0 Remote Code Execution

(CVE)
Praveen Darshana...
Medium Risk

WordPress CIP4 Folder Download 1.10 Local File Inclusion

Ben khlifa Fahmi
[ Read More ]

  Top CWE:   CWE-89 (SQL Injection)   CWE-79 (XSS)   CWE-119 (Buffer Overflow)   CWE-22 (Path Traversal)  

[ CVE Related ]   [ CWE Related ]   [ Dorks ]  

[ CVE Products ] [ CVE Vendors ]
WLB2RSS CVE CVEMAP.ORG WLB2RSS CVE
Last Update: 2015-01-24
2015-01-22
 
CVE-2014-7923
( 7.5/10 )
 
  Google Chrome
The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspe...
 
CVE-2014-7924
( 5/10 )
 
  Google Chrome
Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering duplicate BLOB references, related to conte...
 
CVE-2014-7925
( 7.5/10 )
 
  Google Chrome
Use-after-free vulnerability in the WebAudio implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an audio-rende...
 
CVE-2014-7926
( 7.5/10 )
 
  Google Chrome
The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspe...
 
CVE-2014-7927
( 7.5/10 )
 
  Google Chrome
The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (me...
 
CVE-2014-7928
( 7.5/10 )
 
  Google Chrome
hydrogen.cc in Google V8, as used Google Chrome before 40.0.2214.91, does not properly handle arrays with holes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted Java...
 
CVE-2014-7929
( 7.5/10 )
 
  Google Chrome
Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of ser...
 
CVE-2014-7930
( 7.5/10 )
 
  Google Chrome
Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via...
 
CVE-2014-7931
( 7.5/10 )
 
  Google Chrome
factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance o...
 
CVE-2014-7932
( 7.5/10 )
 
  Google Chrome
Use-after-free vulnerability in the Element::detach function in core/dom/Element.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified o...
 
CVE-2014-7933
( 7.5/10 )
 
  Ffmpeg Ffmpeg
Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other...
 
CVE-2014-7934
( 7.5/10 )
 
  Google Chrome
Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of...
 
CVE-2014-7935
( 7.5/10 )
 
  Google Chrome
Use-after-free vulnerability in browser/speech/tts_message_filter.cc in the Speech implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involvin...
 
CVE-2014-7936
( 6.8/10 )
 
  Google Chrome
Use-after-free vulnerability in the ZoomBubbleView::Close function in browser/ui/views/location_bar/zoom_bubble_view.cc in the Views implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly ...
 
CVE-2014-7937
( 7.5/10 )
 
  Ffmpeg Ffmpeg
Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Vorb...
 
CVE-2014-7938
( 7.5/10 )
 
  Google Chrome
The Fonts implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
 
CVE-2014-7939
( 4.3/10 )
 
  Google Chrome
Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X...
 
CVE-2014-7940
( 7.5/10 )
 
  Google Chrome
The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to...
 
CVE-2014-7941
( 5/10 )
 
  Google Chrome
The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of servic...
 
CVE-2014-7942
( 7.5/10 )
 
  Google Chrome
The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
[ Read More ]

Top Vendors:

Apple   Microsoft   Google   Oracle   Apache   IBM   Red Hat   HP   Adobe   Mozilla  

[ Full List of Vendors ]  

Top Products:

Linux Kernel   Mac OS X   Windows XP   Windows 7   Flash Player   Adobe Reader   PHP   JRE   JDK  
Wordpress   Joomla   Chrome   IE   Firefox   Safari   HTTPD   Tomcat   Nginx  

[ Full List of Products ]  



 
Copyright 2015, cxsecurity.com