2014-09-20
Medium Risk

ArticleFR 11.06.2014 (data.php) - Privilege Escalation

(CVE)
High-Tech Bridge...
Low Risk

Feng Office Cross Site Scripting

(CVE)
Provensec
Low Risk

Ganeti Insecure Archive Permission

(CVE)
Helga Velroyen
Low Risk

ntopng 1.2.0 Cross Site Scripting

(CVE)
Steffen Bauch
High Risk

PhpWiki Ploticus Command Injection

(CVE)
Benjamin Harris
Medium Risk

ace /tmp file vulnerability

(CVE)
Helmut
High Risk

Plogger Authenticated Arbitrary File Upload

(CVE)
b0z
Low Risk

MailEnable Enterprise 6.5 XSS

(CVE)
loneferret
High Risk

GetSimpleCMS PHP File Upload

Ahmed
Low Risk

Nokia Asha 501 Lock Bypass

Hammad Shamsi
Low Risk

M/Monit 3.2.2 Cross Site Request Forgery

(CVE)
Dolev Farhi
2014-09-19
Low Risk

Netgear Download Center Cross Site Scripting / Open Redirect

Claudio Viviani
High Risk

Apple Foundation NSXMLParser XML eXternal Entity (XXE)

(CVE)
George D. Gal
Low Risk

WatchGuard XTM 11.8.3 Cross Site Scripting

William
Low Risk

Oracle MyOracle Filter Bypass

Vulnerability La...
2014-09-18
Low Risk

Nokia Asha Lock Code Bypass

Muhammad Shahmee...
Medium Risk

webEdition 6.3.8.0 Path Traversal

(CVE)
High-Tech Bridge...
Medium Risk

seafile-server 3.1.5 Denial Of Service

retset
Low Risk

MODX Revolution 2.3.1-pl Cross Site Scripting

(CVE)
High-Tech Bridge...
Low Risk

Livefyre LiveComments 3.0 Cross Site Scripting

Brij Kishore Mis...
Low Risk

OsClass 3.4.1 Cross Site Scripting

(CVE)
Omar Kurt
Medium Risk

OsClass 3.4.1 Local File Inclusion

(CVE)
Omar Kurt
Low Risk

WordPress WP-Ban 1.62 Bypass

(CVE)
Tom Adams
Medium Risk

ClassApps SelectSurvey.net 4.124.004 SQL Injection

(CVE)
Anonymous
Medium Risk

WordPress Login Widget With Shortcode 3.1.1 CSRF / XSS

Tom Adams
Low Risk

MIUI Wifi Connection Message Wireless Enable

nipc
Low Risk

MIUI Torch Enable

nipc
Low Risk

Android Bluetooth Enable

nipc
2014-09-17
High Risk

Phpwiki Ploticus Remote Code Execution

(CVE)
us3r777
Low Risk

CM Browser SOP Bypass

Rafay Baloch
Medium Risk

OSSEC 2.8 umask Clear Text Passwords

aramosf
Medium Risk

Cart Engine 3.0 XSS / Open Redirect / SQL Injection

Pietro Minniti
Low Risk

In-Portal CMS 5.2.0 Cross Site Scripting

MustLive
High Risk

Delphi And C++ Builder VCL Library Heap Buffer Overflow

(CVE)
Core
Medium Risk

Laravel 2.1 Hash::make() bcrypt Truncation

u0x

Last Update: 2014-09-22
2014-09-20
 
CVE-2014-0985
( 6.8/10 )
 
  Advantech Advantech webaccess
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName parameter.
 
CVE-2014-0986
( 6.8/10 )
 
  Advantech Advantech webaccess
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the GotoCmd parameter.
 
CVE-2014-0987
( 6.8/10 )
 
  Advantech Advantech webaccess
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName2 parameter.
 
CVE-2014-0988
( 6.8/10 )
 
  Advantech Advantech webaccess
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode parameter.
 
CVE-2014-0989
( 6.8/10 )
 
  Advantech Advantech webaccess
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode2 parameter.
 
CVE-2014-0990
( 6.8/10 )
 
  Advantech Advantech webaccess
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the UserName parameter.
 
CVE-2014-0991
( 6.8/10 )
 
  Advantech Advantech webaccess
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the projectname parameter.
 
CVE-2014-0992
( 6.8/10 )
 
  Advantech Advantech webaccess
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the password parameter.
 
CVE-2014-6421
( 5/10 )
 
  Wireshark Wireshark
Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service (application crash) via a crafted packet that leverages split memory ownership between the SDP and RTP dissector...
 
CVE-2014-6422
( 5/10 )
 
  Wireshark Wireshark
The SDP dissector in Wireshark 1.10.x before 1.10.10 creates duplicate hashtables for a media channel, which allows remote attackers to cause a denial of service (application crash) via a crafted packet to the RTP dissector.
 
CVE-2014-6423
( 5/10 )
 
  Wireshark Wireshark
The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in the MEGACO dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (infinite loop) via an empty line.
 
CVE-2014-6424
( 5/10 )
 
  Wireshark Wireshark
The dissect_v9_v10_pdu_data function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a den...
 
CVE-2014-6425
( 5/10 )
 
  Wireshark Wireshark
The (1) get_quoted_string and (2) get_unquoted_string functions in epan/dissectors/packet-cups.c in the CUPS dissector in Wireshark 1.12.x before 1.12.1 allow remote attackers to cause a denial of service (buffer over-read and application crash) via ...
 
CVE-2014-6426
( 5/10 )
 
  Wireshark Wireshark
The dissect_hip_tlv function in epan/dissectors/packet-hip.c in the HIP dissector in Wireshark 1.12.x before 1.12.1 does not properly handle a NULL tree, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
 
CVE-2014-6427
( 5/10 )
 
  Wireshark Wireshark
Off-by-one error in the is_rtsp_request_or_reply function in epan/dissectors/packet-rtsp.c in the RTSP dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via ...
 
CVE-2014-6428
( 5/10 )
 
  Wireshark Wireshark
The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application...
 
CVE-2014-6429
( 5/10 )
 
  Wireshark Wireshark
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not properly handle empty input data, which allows remote attackers to cause a denial of service (ap...
 
CVE-2014-6430
( 5/10 )
 
  Wireshark Wireshark
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service (application c...
 
CVE-2014-6431
( 5/10 )
 
  Wireshark Wireshark
Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted...
 
CVE-2014-6432
( 5/10 )
 
  Wireshark Wireshark
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial ...
 
Copyright 2014, cxsecurity.com