258451
|
- |
|
coreftp
|
core_ftp
|
Core FTP Server 1.2 before build 515 allows remote attackers to cause a denial of service (reachable assertion and crash) via an AUTH SSL command with malformed data, as demonstrated by pressing the …
|
CWE-362
Race Condition
|
CVE-2014-1441
|
2014-05-3 00:11 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258452
|
- |
|
transifex
|
transifex
|
Transifex command-line client before 0.10 does not validate X.509 certificates for data transfer connections, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary cer…
|
CWE-20
Improper Input Validation
|
CVE-2013-7110
|
2014-05-2 23:52 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258453
|
- |
|
transifex
|
transifex
|
Transifex command-line client before 0.9 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary certificate.
|
CWE-20
Improper Input Validation
|
CVE-2013-2073
|
2014-05-2 23:49 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258454
|
- |
|
emc
|
rsa_access_manager
|
The runtime WS component in the server in EMC RSA Access Manager 6.1.3 before 6.1.3.39, 6.1.4 before 6.1.4.22, 6.2.0 before 6.2.0.11, and 6.2.1 before 6.2.1.03, when INFO logging is enabled, allows l…
|
CWE-310
Cryptographic Issues
|
CVE-2014-0646
|
2014-05-2 22:49 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258455
|
- |
|
tibco
|
slingshot vault managed_file_transfer_command_center managed_file_transfer_internet_server
|
TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File Transfer Command Center before 7.2.2, Slingshot before 1.9.1, and Vault before 1.0.1 allow remote attackers to obtain sensitive …
|
CWE-200
Information Exposure
|
CVE-2014-2545
|
2014-05-2 04:15 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258456
|
- |
|
ecava
|
integraxor
|
Ecava IntegraXor before 4.1.4393 allows remote attackers to read cleartext credentials for administrative accounts via SELECT statements that leverage the guest role.
|
CWE-310
Cryptographic Issues
|
CVE-2014-0786
|
2014-05-2 01:18 |
2014-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258457
|
- |
|
ajenti
|
ajenti
|
Cross-site scripting (XSS) vulnerability in plugins/main/content/js/ajenti.coffee in Eugene Pankov Ajenti 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via the comma…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2260
|
2014-05-2 00:42 |
2014-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258458
|
- |
|
php-fusion
|
php-fusion
|
PHP-Fusion before 7.02.06 stores backup files with predictable filenames in an unrestricted directory under the web document root, which might allow remote attackers to obtain sensitive information v…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1807
|
2014-05-2 00:35 |
2014-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258459
|
- |
|
php-fusion
|
php-fusion
|
Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to…
|
CWE-22
Path Traversal
|
CVE-2013-1806
|
2014-05-2 00:27 |
2014-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258460
|
- |
|
bluecoat
|
content_analysis_system_software content_analysis_system
|
The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injecti…
|
CWE-78
OS Command
|
CVE-2014-2565
|
2014-05-1 22:49 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|