258741
|
- |
|
joomla
|
joomla\!
|
plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated use…
|
CWE-20
Improper Input Validation
|
CVE-2013-3242
|
2014-03-7 22:46 |
2013-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258742
|
- |
|
sap
|
production_planning_and_control
|
The CP_RC_TRANSACTION_CALL_BY_SET function in the Engineering Workbench component in SAP Production Planning and Control allows remote authenticated users to bypass intended transaction restrictions …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3062
|
2014-03-7 22:39 |
2013-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258743
|
- |
|
emc
|
rsa_data_protection_manager_appliance
|
Cross-site scripting (XSS) vulnerability on the EMC RSA Data Protection Manager (DPM) appliance 3.2.x before 3.2.4.2 and 3.5.x before 3.5.1 allows remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3288
|
2014-03-7 22:14 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258744
|
- |
|
dlink
|
des-3800_firmware des-3800
|
Unspecified vulnerability in the SSH implementation on D-Link Japan DES-3800 devices with firmware before R4.50B58 allows remote authenticated users to cause a denial of service (device hang) via unk…
|
NVD-CWE-noinfo
|
CVE-2013-5997
|
2014-03-7 22:12 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258745
|
- |
|
light_speed_gaming
|
mumble
|
The opus_packet_get_samples_per_frame function in client in Mumble 1.2.4 and the 1.2.3 pre-release snapshots allows remote attackers to cause a denial of service (crash) via a crafted length prefix v…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0044
|
2014-03-6 13:50 |
2014-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258746
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via vectors rela…
|
NVD-CWE-noinfo
|
CVE-2014-0377
|
2014-03-6 13:50 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258747
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the Spatial component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows local users to affect confidentiality, integrity, and availability via u…
|
NVD-CWE-noinfo
|
CVE-2014-0378
|
2014-03-6 13:50 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258748
|
- |
|
cisco
|
unified_sip_phone_3905
|
The Cisco Unified SIP Phone 3905 with firmware before 9.4(1) allows remote attackers to obtain root access via a session on the test interface on TCP port 7870, aka Bug ID CSCuh75574.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0721
|
2014-03-6 13:50 |
2014-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258749
|
- |
|
cisco
|
unified_ip_phone_7960g
|
The Cisco Unified IP Phone 7960G 9.2(1) and earlier allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List (CTL) file, aka Bug ID CSCuj6…
|
CWE-287
Improper Authentication
|
CVE-2014-0737
|
2014-03-6 13:50 |
2014-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258750
|
- |
|
ibm
|
cognos_business_intelligence
|
Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1 before IF6, 10.1.1 before IF5, 10.2 before IF7, 10.2.1 before IF4, and 10.2.1.1 before IF4 …
|
CWE-79
Cross-site Scripting
|
CVE-2014-0861
|
2014-03-6 13:50 |
2014-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|