Search:
WLB2

[ Bugs ]   [ Exploits ]
WLB2RSS Bugtraq WLB2RSS
[ Bogus ]   [ Tricks ]
2014-12-18
Medium Risk

vBulletin Moderator Control Panel 4.2.2 CSRF

Tomescu Daniel
Low Risk

Jease CMS 2.11 Script Insertion

Manideep K
Medium Risk

WordPress Bird Feeder 1.2.3 CSRF / XSS

(CVE)
Vulnerability La...
Medium Risk

Revive Adserver 3.0.5 Cross Site Scripting / Denial Of Service

(CVE)
Matteo Beccati
Low Risk

Revive Adserver 3.0.5 Cross Site Scripting

(CVE)
High-Tech Bridge...
Low Risk

W3 Total Cache 0.9.4 Cross Site Scripting

(CVE)
Tobias Glemser
High Risk

Morfy CMS 1.05 Remote Command Execution

(CVE)
Vulnerability La...
High Risk

E-Journal 1.0 Shell Upload / SQL Injection

X-Cisadane
Medium Risk

Jaangle 0.98i.977 Denial Of Service

hadji samir
2014-12-17
High Risk

Linux Kernel 'Grinch' polkit/wheel group issue

Joab Jackson
High Risk

Ettercap 8.0 / 8.1 Code Execution / Denial Of Service

(CVE)
Nick Sampanis
Low Risk

Arris Touchstone TG862G/CT Cross Site Scripting

(CVE)
Seth Art
Low Risk

Arris Touchstone TG862G/CT Cross Site Request Forgery

(CVE)
Seth Art
High Risk

CIK Telecom SVG6000RW Default Account / Command Execution

Chako
Medium Risk

iWifi For Chat 1.1 Denial Of Service

Vulnerability La...
High Risk

iUSB 1.2 Arbitrary Code Execution

Vulnerability La...
Low Risk

D-Link DCS-2103 Brute Force / Cross Site Scripting

MustLive
Low Risk

Elefant CMS 1.3.9 Cross Site Scripting

Vulnerability La...
High Risk

RStickets! 1.0.0 Remote Shell Upload

Ibrahim Raafat
High Risk

RSform!Pro 1.3.0 Remote Shell Upload

Ibrahim Raafat
Low Risk

Konakart 7.3.0.1 Cross Site Scripting

Vulnerability La...
High Risk

WordPress A.F.D. Theme Echelon Arbitrary File Download

Cleiton Pinheiro
Low Risk

Fuzzylime 3.03b Cross Site Scripting

Vulnerability La...
Low Risk

RelateIQ Mail Encoding Script Code Injection

Vulnerability La...
2014-12-16
High Risk

Linux Kernel 3.2 multiple x86_64 vulnerabilities

(CVE)
Andy Lutomirski
High Risk

Intrexx Professional 6.0 / 5.2 Remote Code Execution

(CVE)
Christian Schnei...
Low Risk

Intrexx Professional 6.0 / 5.2 Cross Site Scripting

(CVE)
Christian Schnei...
High Risk

ActualAnalyzer ant Cookie Command Execution

Brendan Coles
Medium Risk

CA LISA Multiple Vulns

(CVE)
Ken Williams
Medium Risk

WordPress O2Tweet 0.0.4 CSRF / XSS

(CVE)
Manideep K
2014-12-15
Medium Risk

glibc 2.21 DNS endless loop in getaddr_r

Yash
Low Risk

phpMyAdmin 4.0.x, 4.1.x, 4.2.x Denial of Service

Javier Nieto
Medium Risk

CodeMeter 4.50.906.503 Service Trusted Path Privilege Escalation

Hadji Samir
Medium Risk

HTCSyncManager 3.1.33.0 Service Trusted Path Privilege Escalation

Hadji Samir
High Risk

Wordpress Wp Symposium 14.11 Unauthenticated Shell Upload Exploit

Claudio Viviani
[ Read More ]

  Top CWE:   CWE-89 (SQL Injection)   CWE-79 (XSS)   CWE-119 (Buffer Overflow)   CWE-22 (Path Traversal)  

[ CVE Related ]   [ CWE Related ]   [ Dorks ]  

[ CVE Products ] [ CVE Vendors ]
WLB2RSS CVE CVEMAP.ORG WLB2RSS CVE
Last Update: 2014-12-18
2014-12-18
 
CVE-2014-3580
( 5/10 )
 
  Apache Subversion
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does n...
 
CVE-2014-6076
( 4.3/10 )
 
  IBM Security access manager for mo...
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to conduct clickjacking attacks via a crafted web site.
 
CVE-2014-6077
( 6.8/10 )
 
  IBM Security access manager for mo...
Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote attackers to hijack the authentication of arbitrar...
 
CVE-2014-6078
( 5/10 )
 
  IBM Security access manager for mo...
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not have a lockout period after invalid login attempts, which makes it easier for remote attackers to obtain adm...
 
CVE-2014-6080
( 6.5/10 )
 
  IBM Security access manager for mo...
SQL injection vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified ...
 
CVE-2014-6082
( 4/10 )
 
  IBM Security access manager for mo...
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote authenticated users to cause a denial of service (administration UI outage) via unspecified vectors.
 
CVE-2014-6083
( 5/10 )
 
  IBM Security access manager for mo...
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session.
 
CVE-2014-6084
( 5/10 )
 
  IBM Security access manager for mo...
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make it easier for remote attackers to obtain sensitive information by sniffing the network during use of a weak SS...
 
CVE-2014-6086
( 5/10 )
 
  IBM Security access manager for mo...
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not ensure that HTTPS is used, which allows remote attackers to obtain sensitive information by sniffing the net...
 
CVE-2014-6087
( 5/10 )
 
  IBM Security access manager for mo...
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make it easier for remote attackers to obtain sensitive information by sniffing the network during use of a weak al...
 
CVE-2014-6088
( 5/10 )
 
  IBM Security access manager for mo...
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to obtain sensitive information by sniffing the network during use of the null SSL cipher.
 
CVE-2014-6089
( 4/10 )
 
  IBM Security access manager for mo...
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote authenticated users to cause a denial of service (disrupted system operations) by uploading a file to ...
 
CVE-2014-6164
( 5/10 )
 
  IBM Websphere application server
IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.
 
CVE-2014-6166
( 4.3/10 )
 
  IBM Websphere application server
The Communications Enabled Applications (CEA) service in IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4, and Feature Pack for CEA 1.x before 1.0.0.15, allows remote attackers to read arbitrary files via an XML externa...
 
CVE-2014-6167
( 4.3/10 )
 
  IBM Websphere application server
Cross-site scripting (XSS) vulnerability in the URL rewriting feature in IBM WebSphere Application Server 7.x before 7.0.0.37, 8.0.x before 8.0.0.10, and 8.5.x before 8.5.5.4 allows remote attackers to inject arbitrary web script or HTML via a crafte...
 
CVE-2014-6174
( 4.3/10 )
 
  IBM Websphere application server
IBM WebSphere Application Server 7.x before 7.0.0.37, 8.0.x before 8.0.0.10, and 8.5.x before 8.5.5.4 allows remote attackers to conduct clickjacking attacks via a crafted web site.
 
CVE-2014-8012
( 4.3/10 )
 
  Cisco Adaptive security appliance so...
Cross-site scripting (XSS) vulnerability in the WebVPN Portal Login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via crafted attributes in a cookie, aka Bug ID CSCuh24695.
 
CVE-2014-8014
( 5/10 )
 
  Cisco Ios xr
Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCub63710.
 
CVE-2014-8108
( 5/10 )
 
  Apache Subversion
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a...
 
CVE-2014-8120
( 4.4/10 )
 
  Thermostat project Thermostat
The agent in Thermostat before 1.0.6, when using unspecified configurations, allows local users to obtain the JMX management URLs of all local Java virtual machines and gain privileges via unknown vectors.
[ Read More ]

Top Vendors:

Apple   Microsoft   Google   Oracle   Apache   IBM   Red Hat   HP   Adobe   Mozilla  

[ Full List of Vendors ]  

Top Products:

Linux Kernel   Mac OS X   Windows XP   Windows 7   Flash Player   Adobe Reader   PHP   JRE   JDK  
Wordpress   Joomla   Chrome   IE   Firefox   Safari   HTTPD   Tomcat   Nginx  

[ Full List of Products ]  



 
Copyright 2014, cxsecurity.com