258451
|
- |
|
netgear
|
wndr4700_firmware wndr4700
|
Multiple cross-site scripting (XSS) vulnerabilities in NETGEAR WNDR4700 with firmware 1.0.0.34 allow remote authenticated users to inject arbitrary web script or HTML via the (1) UserName or (2) Pass…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3069
|
2014-04-26 03:07 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258452
|
- |
|
ushahidi
|
ushahidi_platform
|
Cross-site scripting (XSS) vulnerability in Ushahidi Platform 2.5.x through 2.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2025
|
2014-04-26 03:01 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258453
|
- |
|
joomlaboat
|
com_youtubegallery
|
Cross-site scripting (XSS) vulnerability in includes/flvthumbnail.php in the Youtube Gallery (com_youtubegallery) component 3.4.0 for Joomla! allows remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5956
|
2014-04-26 02:42 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258454
|
- |
|
softmotion3d festo 3s-software
|
softmotion cecx-x-m1_modular_controller codesys_runtime_system cecx-x-c1_modular_master_controller
|
The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which allow…
|
CWE-287
Improper Authentication
|
CVE-2014-0769
|
2014-04-25 22:58 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258455
|
- |
|
3s-software festo softmotion3d
|
codesys_runtime_system cecx-x-c1_modular_master_controller softmotion cecx-x-m1_modular_controller
|
The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion provide an undocumented access method involving the FTP protocol, which allows …
|
CWE-287
Improper Authentication
|
CVE-2014-0760
|
2014-04-25 22:56 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258456
|
- |
|
google
|
picasa
|
Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5358
|
2014-04-25 22:39 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258457
|
- |
|
google
|
picasa
|
Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file w…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5359
|
2014-04-25 22:39 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258458
|
- |
|
google
|
picasa
|
Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as dem…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5349
|
2014-04-25 22:38 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258459
|
- |
|
google
|
picasa
|
Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonst…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5357
|
2014-04-25 22:38 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258460
|
- |
|
cisco
|
ios
|
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3946
|
2014-04-25 03:38 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|