Bugtraq
2014-04-24
High Risk

Acunetix 2014 0DAY Buffer overflow *youtube

an7isec
High Risk

OpenSSL DTLS Support Information Leak Exploit 2

(CVE)
Ayman Sagy
Medium Risk

cFos Personal Net v3.09 Remote Heap Memory Corruption DoS

Gjoko 'LiquidWor...
Medium Risk

Sixnet Sixview 2.4.1 Directory Traversal

(CVE)
daniel svartman
High Risk

dompdf 0.6.0 Arbitrary File Read

(CVE)
Alejo Murillo Mo...
High Risk

WD Arkeia Virtual Appliance Directory Traversal / Command Execution

(CVE)
M. Lucinskij
High Risk

AirPhoto WebDisk 4.1.0 Code Execution

Vulnerability La...
High Risk

Livetecs Timelive 6.2.71 Unauthenticated Access

(CVE)
Richard Hatch
High Risk

Livetecs Timelive 6.2.71 Unauthenticated File Upload

(CVE)
Richard Hatch
Low Risk

CMS Softgov Cross Site Scripting

Peixoto
Medium Risk

IBM Server RAID Manager Browser Edition Blind SQL Injection

JoeV
2014-04-23
Low Risk

ASUS RT-AC68U Cross Site Scripting

(CVE)
Joaquim Brasil d...
High Risk

ASUS RT-AC68U Remote Command Execution

(CVE)
Joaquim Brasil d...
High Risk

Parallels Plesk Panel 12.x Key Disclosure

Tim Rots
High Risk

No-CMS 0.6.6 Rev 1 Account Hijack / Remote Command Execution

Mehmet Ince
Low Risk

Symantec Messaging Gateway 10.5.1 Cross Site Scripting

illiam Costa
Medium Risk

iDevAffiliate 5.x SQL Injection

Robert Cooper
2014-04-22
Medium Risk

KnowledgeTree Blind SQL Injection

(CVE)
Craig Arendt
Low Risk

WordPress JS External Link Info Cross Site Scripting

Ashiyane Digital...
Medium Risk

PTCeffect 4.6 Local File Inclusion / SQL Injection

Walidz
Low Risk

DuBose Web Group CMS Cross Site Scripting

Renzi
Medium Risk

Wapoweb SQL Injection

Renzi
2014-04-21
Medium Risk

systemd create or overwrite arbitrary files

(CVE)
Sebastian Krahme...
High Risk

Wordpress Themes Theagency File Upload Vulnerability

AnonBoy
Medium Risk

phpManufaktur / kitForm <= 0.43 SQL Injection

xoxo chapp
Medium Risk

Media Player Classic Memory Corruption

(CVE)
Aryan Bayanineja...
Low Risk

mojoPortal 2.4.0.3 Multiple XSS Vulnerabilities

Smash_
Medium Risk

WordPress File Disclosure Vulnerability

Th3 R0cksT3r
Medium Risk

CGR BRASIL CMS Sql Injection

Felipe Andrian P...
Low Risk

Teracom Modem CSRF Vulnerability

Rakesh S
2014-04-19
Medium Risk

clang-3.5 scan-build insecure use of /tmp

(CVE)
Jakub Wilk
High Risk

Adobe Flash Player Regular Expression Heap Overflow

(CVE)
Juan vazquez
Low Risk

CU3ER 1.24 Cross Site Scripting / Content Spoofing

MustLive
High Risk

Sercomm TCP/32674 Backdoor Reactivation

Eloi Vanderbeken
Medium Risk

Linux group_info Denial Of Service

(CVE)
Thomas Pollet

CVE
Last Update: 2014-04-24
2014-04-24
 
CVE-2014-2391
( 4.3/10 )
 
  Open-xchange Open-xchange appsuite
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid passwo...
 
CVE-2014-2392
( 4.3/10 )
 
  Open-xchange Open-xchange appsuite
The E-Mail autoconfiguration feature in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 places a password in a GET request, which allows remote attackers to obtain sensitive information by reading (1) ...
 
CVE-2014-2393
( 4.3/10 )
 
  Open-xchange Open-xchange appsuite
Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite 7.4.1 before 7.4.1-rev11 and 7.4.2 before 7.4.2-rev13 allows remote attackers to inject arbitrary web script or HTML via a Drive filename that is not properly handled during use of the...
 
CVE-2012-3946
( 5/10 )
 
  Cisco IOS
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packe...
 
CVE-2012-5723
( 6.1/10 )
 
  Cisco Asr 1001 router
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.
 
CVE-2013-6738
( 4.3/10 )
 
  IBM Smartcloud analytics log analy...
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth au...
 
CVE-2014-2907
( 4.3/10 )
 
  Wireshark Wireshark
The srtp_add_address function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allows remote attackers to cause a denial of service (application crash) via a...
 
CVE-2014-0188
( 7.5/10 )
 
  Redhat Openshift
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary ...
 
CVE-2014-2736
( 7.5/10 )
 
  MODX Modx revolution
Multiple SQL injection vulnerabilities in MODX Revolution before 2.2.14 allow remote attackers to execute arbitrary SQL commands via the (1) session ID (PHPSESSID) to index.php or remote authenticated users to execute arbitrary SQL commands via the (...
 
CVE-2014-2915
( 5.5/10 )
 
  XEN XEN
Xen 4.4.x, when running on ARM systems, does not properly restrict access to hardware features, which allows local guest users to cause a denial of service (host or guest crash) via unspecified vectors, related to (1) cache control, (2) coprocessors,...
2014-04-23
 
CVE-2012-0360
( 5/10 )
 
  Cisco IOS
Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.
 
CVE-2012-1317
( 5.4/10 )
 
  Cisco IOS
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717.
 
CVE-2012-1366
( 6.1/10 )
 
  Cisco Asr 1001 router
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.
 
CVE-2012-3062
( 5.7/10 )
 
  Cisco IOS
Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSC...
 
CVE-2012-3918
( 4.3/10 )
 
  Cisco Catalyst 2900
Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317.
 
CVE-2012-4638
( 4.9/10 )
 
  Cisco IOS
Cisco IOS before 15.1(1)SY allows local users to cause a denial of service (device reload) by establishing an outbound SSH session, aka Bug ID CSCto00318.
 
CVE-2012-4651
( 4.3/10 )
 
  Cisco IOS
Cisco IOS before 15.3(2)T, when scansafe is enabled, allows remote attackers to cause a denial of service (latency) via SYN packets that are not accompanied by SYN-ACK packets from the Scan Safe Tower, aka Bug ID CSCub85451.
 
CVE-2012-4658
( 5/10 )
 
  Cisco IOS
The ios-authproxy implementation in Cisco IOS before 15.1(1)SY3 allows remote attackers to cause a denial of service (webauth and HTTP service outage) via vectors that trigger incorrectly terminated HTTP sessions, aka Bug ID CSCtz99447.
 
CVE-2012-5014
( 6.3/10 )
 
  Cisco IOS
Cisco IOS before 15.1(2)SY allows remote authenticated users to cause a denial of service (device crash) by establishing an SSH session from a client and then placing this client into a (1) slow or (2) idle state, aka Bug ID CSCto87436.
 
CVE-2012-5017
( 6.8/10 )
 
  Cisco Asr 1001 router
Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268.
Copyright 2014, cxsecurity.com