258031
|
- |
|
jansson_project
|
jansson
|
Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a …
|
CWE-310
Cryptographic Issues
|
CVE-2013-6401
|
2014-05-23 13:03 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258032
|
- |
|
barracudadrive
|
barracudadrive
|
Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) blog, (2) bloggeruser, or (3) bloggerpasswd param…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3807
|
2014-05-23 00:16 |
2014-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258033
|
- |
|
beetel
|
450tc2_router_firmware 450tc2_router
|
Cross-site request forgery (CSRF) vulnerability in Beetel 450TC2 Router with firmware TX6-0Q-005_retail allows remote attackers to hijack the authentication of administrators for requests that change…
|
CWE-352
Origin Validation Error
|
CVE-2014-3792
|
2014-05-22 08:37 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258034
|
- |
|
efssoft
|
easy_file_sharing_web_server
|
Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows remote attackers to execute arbitrary code via a long string in a cookie UserID parameter to vfolder.ghp.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3791
|
2014-05-22 07:35 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258035
|
- |
|
zenoss
|
zenoss
|
Open redirect vulnerability in zport/acl_users/cookieAuthHelper/login_form in Zenoss 4.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in t…
|
CWE-20
Improper Input Validation
|
CVE-2014-3739
|
2014-05-22 07:07 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258036
|
- |
|
juniper
|
junos_space junos_space_ja1500_appliance junos_space_ja2500_appliance
|
Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-3412
|
2014-05-22 05:40 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258037
|
- |
|
x2go
|
x2go_server
|
x2gocleansessions in X2Go Server before 4.0.0.8 and 4.0.1.x before 4.0.1.10 allows remote authenticated users to gain privileges via unspecified vectors, possibly related to backticks.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7383
|
2014-05-22 03:47 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258038
|
- |
|
mediafront
|
mediafront
|
Cross-site scripting (XSS) vulnerability in the MediaFront module 6.x-1.x before 6.x-1.6, 7.x-1.x before 7.x-1.6, and 7.x-2.x before 7.x-2.1 for Drupal allows remote authenticated users with the "adm…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4380
|
2014-05-22 03:44 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258039
|
- |
|
typo3
|
typo3
|
The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.4 allows remote authenticated editors to execute arbitrary PHP code via unspecified characters in the file extension …
|
CWE-94
Code Injection
|
CVE-2013-4321
|
2014-05-22 02:39 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258040
|
- |
|
typo3
|
typo3
|
The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.9 and 6.1.x before 6.1.4 does not properly check permissions, which allows remote authenticated users to create or read arbitrary files via …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4320
|
2014-05-21 22:08 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|