Bugtraq
2014-07-24
High Risk

TimThumb 2.8.13 Remote Code Execution

(CVE)
u0x
High Risk

LPAR2RRD 3.5 / 4.53 Command Injection

(CVE)
Bilberger
Medium Risk

E2 2844 SQL Injection

(CVE)
Ilya Birman
Medium Risk

CMS VIA-X SQL Injection

Felipe Andrian P...
High Risk

Ukora CMS Shell Upload

Jagriti Sahu AKA...
2014-07-23
Medium Risk

Apache 2.4.x mod_proxy Denial Of Service

Marek Kroemeke
Medium Risk

Linux Kernel ptrace/sysret Local Privilege Escalation

(CVE)
Vitaly Nikolenko
High Risk

Ansible 1.6.6 Arbitrary Code Execution

(CVE)
Brian Harring
Low Risk

EventLog Analyzer 9.0 Build #9000 Cross Site Scripting

A2SECURE
Low Risk

Symantec Endpoint Protection Manager 12.1.4023.4080 Login Bruteforce

Tsvetkov
High Risk

DjVuLibre 3.5.25.3 Out Of Bounds Access Violation

drone
Low Risk

SonicWALL GMS 7.2 Build 7221.1701 Cross Site Scripting

William Costa
Medium Risk

SGMiner / CGMiner Denial Of Service

(CVE)
Mick Ayzenberg
Medium Risk

Sum Technologies SQL Injection

Th3 R0cksT3r
Low Risk

Barracuda Networks Spam And Virus Firewall 6.0.2 XSS

Vulnerability La...
High Risk

SGMiner / CGMiner / BFGMiner Heap Overflow

(CVE)
Mick Ayzenberg
Medium Risk

SGMiner / CGMiner / BFGMiner Stack Overflow

(CVE)
Mick Ayzenberg
2014-07-22
Medium Risk

vBulletin 5.1.2 SQL Injection Exploit

Nytro
Medium Risk

Apache Scoreboard / Status Race Condition

Marek Kroemeke
Medium Risk

Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation

(CVE)
Matt Bergin of K...
Medium Risk

Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation

(CVE)
Matt Bergin of K...
High Risk

IBM 1754 GCM KVM Code Execution / File Read / XSS

(CVE)
Alejandro Alvare...
Low Risk

MyConnection Server (MCS) 9.7i Cross Site Scripting

1N3
High Risk

Elasticsearch Logstash 1.4.1 Command Execution

(CVE)
Jordan Sissel
High Risk

Tenable Nessus 5.2.7 Parameter Tampering / Authentication Bypass

(CVE)
Robert Gilbert
Low Risk

MTS MBlaze 3G Wi-Fi Modem Data Theft / Modification

Ajin Abraham
Medium Risk

WordPress Gallery Objects 0.4 SQL Injection

Claudio Viviani
Medium Risk

World Of Warcraft 3.3.5a Stack Overflow

Alireza Chegini
Medium Risk

Design Foundry Cross Site Scripting / SQL Injection

Hekt0r
2014-07-19
High Risk

Apache httpd mod_status Heap Buffer Overflow Remote Code Execution

(CVE)
ZDI
Medium Risk

vBulletin 5.1.2 SQL Injection *youtube

RST
High Risk

micro_httpd by ACME Buffer Overflow

Yuval tisf Nativ
High Risk

Dahua DVR Authentication Bypass

(CVE)
Zhejiang
2014-07-18
Low Risk

Aruba Networks ClearPass Policy Manager SQL Injection and Credential Disclosure

(CVE)
Nate Roberts fro...
High Risk

Yealink VoIP Phone SIP-T38G Default Credentials

(CVE)
RingZer0 Team
CVEMAP.ORG
Last Update: 2014-07-23
2014-07-23
 
CVE-2014-1544
( 10/10 )
 
  Mozilla Firefox
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to e...
 
CVE-2014-1547
( 10/10 )
 
  Mozilla Firefox
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or poss...
 
CVE-2014-1548
( 10/10 )
 
  Mozilla Firefox
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via...
 
CVE-2014-1549
( 9.3/10 )
 
  Mozilla Firefox
The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or caus...
 
CVE-2014-1550
( 10/10 )
 
  Mozilla Firefox
Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Au...
 
CVE-2014-1551
( 10/10 )
 
  Mozilla Firefox
Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML cont...
 
CVE-2014-1552
( 5.8/10 )
 
  Mozilla Firefox
Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction ...
 
CVE-2014-1555
( 9.3/10 )
 
  Mozilla Firefox
Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateCha...
 
CVE-2014-1556
( 9.3/10 )
 
  Mozilla Firefox
Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library.
 
CVE-2014-1557
( 9.3/10 )
 
  Mozilla Firefox
The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attacke...
 
CVE-2014-1558
( 4.3/10 )
 
  Mozilla Firefox
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vul...
 
CVE-2014-1559
( 4.3/10 )
 
  Mozilla Firefox
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vul...
 
CVE-2014-1560
( 4.3/10 )
 
  Mozilla Firefox
Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context.
 
CVE-2014-1561
( 5.8/10 )
 
  Mozilla Firefox
Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) pa...
 
CVE-2014-3537
( 1.2/10 )
 
  Apple CUPS
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.
 
CVE-2014-3555
( 4/10 )
 
  Openstack Neutron
OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.
 
CVE-2014-3938
( 9.3/10 )
 
  Autodesk Sketchbook pro
Integer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer mask data in a PSD file, which triggers a heap-based buffer overflow.
 
CVE-2014-3939
( 9.3/10 )
 
  Autodesk Sketchbook pro
Heap-based buffer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer bitmap data in a PXD file.
 
CVE-2014-4501
( 10/10 )
 
  Bfgminer Bfgminer
Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the (1) extract_sockaddr or (2...
 
CVE-2014-4502
( 10/10 )
 
  Bfgminer Bfgminer
Multiple heap-based buffer overflows in the parse_notify function in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 4.1.0 allow remote pool servers to have unspecified impact via a (1) large or (2) negative value in the Extranonc2_si...
Copyright 2014, cxsecurity.com