258901
|
- |
|
collectd
|
collectd
|
The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4.x before 4.9.4 and before 4.10.2 allow remote attackers to cause a denial of service (assertion failure) via a packet with a time…
|
CWE-399
Resource Management Errors
|
CVE-2010-4336
|
2014-02-21 13:36 |
2010-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258902
|
- |
|
apple
|
webkit
|
WebKit does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and C…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2441
|
2014-02-21 13:33 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258903
|
- |
|
litech
|
router_advertisement_daemon
|
Buffer overflow in the process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negativ…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3601
|
2014-02-21 11:19 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258904
|
- |
|
ubuntu
|
metal_as_a_service
|
Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1069
|
2014-02-21 11:14 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258905
|
- |
|
jetroplatforms
|
jetro_cockpit_secure_browsing
|
The client in Jetro COCKPIT Secure Browsing (JCSB) 4.3.1 and 4.3.3 does not validate the FileName element in an RDP_FILE_TRANSFER document, which allows remote JCSB servers to execute arbitrary progr…
|
CWE-20
Improper Input Validation
|
CVE-2014-1861
|
2014-02-21 11:04 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258906
|
- |
|
openstack
|
swift
|
The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6396
|
2014-02-21 09:40 |
2014-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258907
|
- |
|
cisco
|
unified_communications_manager
|
The Real Time Monitoring Tool (RTMT) web application in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remot…
|
CWE-287
Improper Authentication
|
CVE-2014-0732
|
2014-02-21 09:26 |
2014-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258908
|
- |
|
cisco
|
unified_communications_manager
|
The Enterprise License Manager (ELM) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote atta…
|
CWE-287
Improper Authentication
|
CVE-2014-0733
|
2014-02-21 08:52 |
2014-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258909
|
- |
|
feep
|
libtar
|
Multiple directory traversal vulnerabilities in the (1) tar_extract_glob and (2) tar_extract_all functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files via a .. (d…
|
CWE-22
Path Traversal
|
CVE-2013-4420
|
2014-02-21 08:51 |
2014-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258910
|
- |
|
redhat
|
sos
|
The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes (1) Certificate-based Red Hat Network private entitlement keys and the (2) private key for the entitlement…
|
CWE-310
Cryptographic Issues
|
CVE-2011-4083
|
2014-02-19 09:40 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|