WLB2 Bugtraq
2014-12-19
High Risk

Git 2.2.0 clients Critical Vulnerability

vmg
High Risk

G-Parted 0.14.1 Command Execution

(CVE)
W. Ettlinger
High Risk

NetIQ Access Manager 4.0 SP1 XSS / CSRF / XXE Injection / Disclosure

(CVE)
W. Ettlinger
High Risk

VDG Security SENSE 2.3.13 File Disclosure / Bypass / Buffer Overflow

Stefan
Medium Risk

WordPress iTwitter 0.04 Cross Site Request Forgery / Cross Site Scripting

(CVE)
Vulnerability La...
Medium Risk

WordPress PWG Random 1.11 CSRF / XSS

(CVE)
Manideep K
Medium Risk

WordPress TweetScribe 1.1 CSRF / XSS

(CVE)
Manideep K
Medium Risk

WordPress PictoBrowser 0.3.1 CSRF / XSS

(CVE)
Manideep K
Medium Risk

WordPress gSlideShow 0.1 CSRF / XSS

Manideep K
Medium Risk

WordPress Twitter 0.7 CSRF / XSS

(CVE)
Manideep K
Medium Risk

WordPress WP Limit Posts Automatically 0.7 CSRF / XSS

(CVE)
Manideep K
Medium Risk

WordPress Twitter LiveBlog 1.1.2 CSRF / XSS

(CVE)
Manideep K
Medium Risk

WordPress twimp-wp Cross Site Request Forgery / Cross Site Scripting

(CVE)
Manideep K
Medium Risk

WordPress SimpleFlickr 3.0.3 CSRF / XSS

(CVE)
Manideep K
Medium Risk

WordPress Simplelife 1.2 CSRF / XSS

(CVE)
Manideep K
Low Risk

TWiki 6.0.1 QUERYSTRING / QUERYPARAMSTRING XSS

(CVE)
Peter09
Low Risk

TWiki 6.0.0 / 6.0.1 WebSearch Cross Site Scripting

(CVE)
Peter09
Low Risk

Facebook Studio Cross Site Scripting

Vulnerability La...
Medium Risk

E-Journal CMS SQL Injection / Privilege Escalation

Vulnerability La...
2014-12-18
Medium Risk

vBulletin Moderator Control Panel 4.2.2 CSRF

Tomescu Daniel
Low Risk

Jease CMS 2.11 Script Insertion

Manideep K
Medium Risk

WordPress Bird Feeder 1.2.3 CSRF / XSS

(CVE)
Vulnerability La...
Medium Risk

Revive Adserver 3.0.5 Cross Site Scripting / Denial Of Service

(CVE)
Matteo Beccati
Low Risk

Revive Adserver 3.0.5 Cross Site Scripting

(CVE)
High-Tech Bridge...
Low Risk

W3 Total Cache 0.9.4 Cross Site Scripting

(CVE)
Tobias Glemser
High Risk

Morfy CMS 1.05 Remote Command Execution

(CVE)
Vulnerability La...
High Risk

E-Journal 1.0 Shell Upload / SQL Injection

X-Cisadane
Medium Risk

Jaangle 0.98i.977 Denial Of Service

hadji samir
2014-12-17
High Risk

Linux Kernel 'Grinch' polkit/wheel group issue

Joab Jackson
High Risk

Ettercap 8.0 / 8.1 Code Execution / Denial Of Service

(CVE)
Nick Sampanis
Low Risk

Arris Touchstone TG862G/CT Cross Site Scripting

(CVE)
Seth Art
Low Risk

Arris Touchstone TG862G/CT Cross Site Request Forgery

(CVE)
Seth Art
High Risk

CIK Telecom SVG6000RW Default Account / Command Execution

Chako
Medium Risk

iWifi For Chat 1.1 Denial Of Service

Vulnerability La...
High Risk

iUSB 1.2 Arbitrary Code Execution

Vulnerability La...
CVE (CVEMAP.ORG)
Last Update: 2014-12-19
2014-12-19
 
CVE-2014-7241
( 6.8/10 )
 
  Tsutaya Tsutaya
The TSUTAYA application 5.3 and earlier for Android allows remote attackers to execute arbitrary Java methods via a crafted HTML document.
 
CVE-2014-7249
( 10/10 )
 
  Alliedtelesis Ar440s
Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, CentreCOM AR450S, CentreCOM AR550S, CentreCOM AR570S,...
 
CVE-2014-7267
( 3.5/10 )
 
  Ricksoft Wbs gantt-chart
Cross-site scripting (XSS) vulnerability in the output-page generator in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vuln...
 
CVE-2014-7268
( 4.3/10 )
 
  Ricksoft Wbs gantt-chart
Cross-site scripting (XSS) vulnerability in the data-export feature in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability th...
 
CVE-2013-4440
( 5/10 )
 
  Pwgen project Pwgen
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.
 
CVE-2013-4442
( 5/10 )
 
  Pwgen project Pwgen
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.
 
CVE-2014-2026
( 4.3/10 )
 
  Unitedplanet Intrexx professional
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the reques...
 
CVE-2014-2716
( 4.3/10 )
 
  Ekahau Activator
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on...
 
CVE-2014-6395
( 7.5/10 )
 
  Ettercap project Ettercap
Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted password length value that is i...
 
CVE-2014-6396
( 7.5/10 )
 
  Ettercap project Ettercap
The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 8.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written ...
 
CVE-2014-7208
( 7.2/10 )
 
  Gparted Gparted
GParted before 0.15.0 allows local users to execute arbitrary commands with root privileges via shell metacharacters in a crafted filesystem label.
2014-12-18
 
CVE-2014-3580
( 5/10 )
 
  Apache Subversion
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does n...
 
CVE-2014-6076
( 4.3/10 )
 
  IBM Security access manager for mo...
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to conduct clickjacking attacks via a crafted web site.
 
CVE-2014-6077
( 6.8/10 )
 
  IBM Security access manager for mo...
Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote attackers to hijack the authentication of arbitrar...
 
CVE-2014-4801
( 3.5/10 )
 
  IBM Rational quality manager
Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x through 2.0.1.1, 3.x before 3.0.1.6 iFix 4, 4.x before 4.0.7 iFix 2, and 5.x before 5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a craf...
 
CVE-2014-6078
( 5/10 )
 
  IBM Security access manager for mo...
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not have a lockout period after invalid login attempts, which makes it easier for remote attackers to obtain adm...
 
CVE-2014-6080
( 6.5/10 )
 
  IBM Security access manager for mo...
SQL injection vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified ...
 
CVE-2014-6082
( 4/10 )
 
  IBM Security access manager for mo...
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote authenticated users to cause a denial of service (administration UI outage) via unspecified vectors.
 
CVE-2014-6083
( 5/10 )
 
  IBM Security access manager for mo...
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session.
 
CVE-2014-6084
( 5/10 )
 
  IBM Security access manager for mo...
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make it easier for remote attackers to obtain sensitive information by sniffing the network during use of a weak SS...
Copyright 2014, cxsecurity.com