258591
|
- |
|
nttdocomo
|
spmode_mail_android
|
The NTT DOCOMO sp mode mail application 5900 through 6300 for Android 4.0.x and 6000 through 6620 for Android 4.1 through 4.4 allows remote attackers to execute arbitrary Java methods via Deco-mail e…
|
CWE-94
Code Injection
|
CVE-2014-1979
|
2014-03-21 01:36 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258592
|
- |
|
nttdocomo
|
spmode_mail_android
|
The NTT DOCOMO sp mode mail application 6300 and earlier for Android 4.0.x and 6700 and earlier for Android 4.1 through 4.4 uses weak permissions for attachments during processing of incoming e-mail …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1977
|
2014-03-21 01:03 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258593
|
- |
|
nttdocomo
|
spmode_mail_android
|
The application link interface in the NTT DOCOMO sp mode mail application 6100 through 6300 for Android 4.0.x and 6130 through 6700 for Android 4.1 through 4.4 writes message content to the SD card d…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1978
|
2014-03-21 01:02 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258594
|
- |
|
xnview
|
xnview
|
Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via a large NUM_ELEMENTS field in an IFD_ENTRY structure in a JXR file, which triggers a heap-based buf…
|
CWE-189
Numeric Errors
|
CVE-2013-3938
|
2014-03-19 22:59 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258595
|
- |
|
sophos
|
web_appliance_firmware web_appliance
|
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) xss parameter in an allow action t…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2643
|
2014-03-19 22:55 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258596
|
- |
|
sophos
|
web_appliance_firmware web_appliance
|
Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block page, when using the user_workstation va…
|
CWE-78
OS Command
|
CVE-2013-2642
|
2014-03-19 22:54 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258597
|
- |
|
sophos
|
web_appliance_firmware web_appliance
|
Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read arbitrary files via the id parameter.
|
CWE-22
Path Traversal
|
CVE-2013-2641
|
2014-03-19 22:48 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258598
|
- |
|
yumenomachi
|
demaecan
|
The Demaecan application 2.1.0 and earlier for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information …
|
CWE-310
Cryptographic Issues
|
CVE-2014-1976
|
2014-03-19 01:05 |
2014-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258599
|
- |
|
owncloud
|
owncloud
|
The configuration loader in ownCloud 5.0.x before 5.0.6 allows remote attackers to obtain CSRF tokens and other sensitive information by reading an unspecified JavaScript file.
|
CWE-200
Information Exposure
|
CVE-2013-2086
|
2014-03-18 00:43 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258600
|
- |
|
owncloud
|
owncloud
|
The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting for the password parameter, which makes it easier for physically proximate attackers to guess the pas…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2047
|
2014-03-18 00:37 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|