2014-09-30
High Risk

GNU Bash 4.3 Command Injection

JSacco
Medium Risk

AllMyGuests 0.4.1 XSS / SQL Injection / Insecure Cookie Handling

indoushka
Low Risk

Internet Explorer 8 Fixed Col Span ID Full ASLR, DEP, And EMET 5.0 Bypass

(CVE)
sickness
Low Risk

Outlook Web App (OWA) / Client Access Server (CAS) IIS HTTP Internal IP Disclosure

Nate Power
Medium Risk

Bacula-web 5.2.10 SQL Injection

wishnusakti
Low Risk

PayPal Service Manager Script Insertion

Vulnerability La...
Low Risk

PayPal Bill Later Mail Encoding Cross Site Scripting

Vulnerability
2014-09-29
High Risk

DHCP Client Bash Environment Variable Code Injection

(CVE)
Ramon
Medium Risk

Typo3 JobControl 2.14.0 Cross Site Scripting / SQL Injection

Mogwai
Medium Risk

Exinda WAN Optimization Suite 7.0.0 CSRF / XSS

William Costa
Medium Risk

Comersus Sophisticated Cart Database Disclosure

indoushka
2014-09-28
Medium Risk

Oscommerce 2.3.4 XSS / HPP / File Inclusion

indoushka
Medium Risk

Openfiler 2.99.1 Denial Of Service

(CVE)
dolevff
High Risk

Apache mod_cgi Bash Environment Variable Code Injection

(CVE)
Juan vazquez
Low Risk

Get Simple CMS 3.3.3 Information Disclosure / XSS

indoushka
Medium Risk

NDBLOG 0.1 Cross Site Scripting / SQL Injection

indoushka
Low Risk

SmarterTools Smarter Track 6-10 Information Disclosure

Vulnerability La...
Medium Risk

GS Foto Uebertraeger 3.0 iOS File Include Vulnerability

Vulnerability La...
High Risk

Gnu Bash 4.3 CGI Scan Remote Command Injection

(CVE)
Stephane Chazela...
Medium Risk

Nucom ADSL ADSLR5000UN ISP Credential Disclosure

Sebasti...
High Risk

Dhclient Bash Environment Variable Injection

(CVE)
egypt
High Risk

POSNIC 1.02 Directory Listing / File Upload

indoushka
Low Risk

PayPal Mail Encoding Script Insertion

Vulnerability La...
Low Risk

PayPal Community Web Portal Cross Site Scripting

Vulnerability La...
2014-09-26
Medium Risk

Perl 5.20.1 Deep Recursion Stack Overflow

(CVE)
LSE
Low Risk

Telerik ASP.NET AJAX RadEditor Control 2014.1.403.35 XSS

(CVE)
Tyler Hoyle
High Risk

Mac OS X VMWare Fusion Root Privilege Escalation

(CVE)
joev
Medium Risk

LibVNCServer 0.9.9 Remote Code Execution / Denial Of Service

(CVE)
Nicolas Ruff
High Risk

bashedCgi Remote Command Execution

(CVE)
Shaun Colley
Medium Risk

All In One WP Security 3.8.2 SQL Injection

(CVE)
High-Tech Bridge...
2014-09-25
High Risk

CGI Remote Code Injection by Bash Proof Of Concept

(CVE)
Prakhar Prasad &...
High Risk

ZyXEL Prestig P-660HNU-T1v2 Credential Disclosure

Sebastia...
Medium Risk

WS10 Data Server SCADA Exploit Overflow PoC

Pedro S
High Risk

Advantech WebAccess dvs.ocx GetColor Buffer Overflow

(CVE)
Juan vazquez
High Risk

EMC AlphaStor Device Manager Opcode 0x75 Command Injection

(CVE)
Anyway
Last Update: 2014-09-30
2014-09-29
 
CVE-2012-5619
( 2.1/10 )
 
  Sleuthkit The sleuth kit
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide activities it more difficult to conduct forensics ac...
 
CVE-2013-1874
( 4.4/10 )
 
  Call-cc Chicken
Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc in the current working directory.
2014-09-28
 
CVE-2012-6657
( 4.9/10 )
 
  Linux Linux kernel
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the abilit...
 
CVE-2014-3181
( 6.9/10 )
 
  Linux Linux kernel
Multiple stack-based buffer overflows in the magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through 3.16.3 allow physically proximate attackers to cause a denial of service (system cras...
 
CVE-2014-3182
( 6.9/10 )
 
  Linux Linux kernel
Array index error in the logi_dj_raw_event function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (invalid kfree) via a crafted device t...
 
CVE-2014-3183
( 6.9/10 )
 
  Linux Linux kernel
Heap-based buffer overflow in the logi_dj_ll_raw_request function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code ...
 
CVE-2014-3184
( 4.7/10 )
 
  Linux Linux kernel
The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (...
 
CVE-2014-3185
( 6.9/10 )
 
  Linux Linux kernel
Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a deni...
 
CVE-2014-3186
( 6.9/10 )
 
  Google Nexus 7
Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of...
 
CVE-2014-3631
( 7.2/10 )
 
  Linux Linux kernel
The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference...
 
CVE-2014-6410
( 4.7/10 )
 
  Linux Linux kernel
The __udf_read_inode function in fs/udf/inode.c in the Linux kernel through 3.16.3 does not restrict the amount of ICB indirection, which allows physically proximate attackers to cause a denial of service (infinite loop or stack consumption) via a UD...
 
CVE-2014-6416
( 7.8/10 )
 
  Linux Linux kernel
Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a long unencrypted auth ticket.
 
CVE-2014-6417
( 7.8/10 )
 
  Linux Linux kernel
net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly consider the possibility of kmalloc failure, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact v...
 
CVE-2014-6418
( 7.1/10 )
 
  Linux Linux kernel
net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from t...
 
CVE-2014-7145
( 7.8/10 )
 
  Linux Linux kernel
The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ sh...
 
CVE-2014-0205
( 6.9/10 )
 
  Linux Linux kernel
The futex_wait function in kernel/futex.c in the Linux kernel before 2.6.37 does not properly maintain a certain reference count during requeue operations, which allows local users to cause a denial of service (use-after-free and system crash) or pos...
 
CVE-2014-2639
( 4.6/10 )
 
  HP Mpio device specific module ma...
Unspecified vulnerability in HP MPIO Device Specific Module Manager before 4.02.00 allows local users to gain privileges via unknown vectors.
 
CVE-2014-3535
( 7.8/10 )
 
  Linux Linux kernel
include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by se...
 
CVE-2014-7186
( 10/10 )
 
  GNU BASH
The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted use of here doc...
 
CVE-2014-7187
( 10/10 )
 
  GNU BASH
Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via deepl...
Copyright 2014, cxsecurity.com