258481
|
- |
|
zarafa
|
zarafa
|
The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 5.00 before 7.1.8 beta2 allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointe…
|
CWE-20
Improper Input Validation
|
CVE-2014-0037
|
2014-04-29 20:35 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258482
|
- |
|
dkorunic
|
pam_s\/key
|
A certain Gentoo patch for the PAM S/Key module does not properly clear credentials from memory, which allows local users to obtain sensitive information by reading system memory.
|
CWE-255
Credentials Management
|
CVE-2013-4285
|
2014-04-29 20:09 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258483
|
- |
|
zlib
|
pigz
|
Race condition in pigz before 2.2.5 uses permissions derived from the umask when compressing a file before setting that file's permissions to match those of the original file, which might allow local…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0296
|
2014-04-29 04:28 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258484
|
- |
|
litech
|
router_advertisement_daemon
|
The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact.
|
CWE-20
Improper Input Validation
|
CVE-2011-3603
|
2014-04-29 04:12 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258485
|
- |
|
litech
|
router_advertisement_daemon
|
Per http://thread.gmane.org/gmane.comp.security.oss.general/5973/focus=6015, this vulnerablity is being assigned a CVSS base metric of AV:L/AC:M/Au:N/C:P/I:P/A:P = 4.4
|
CWE-20
Improper Input Validation
|
CVE-2011-3603
|
2014-04-29 04:12 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258486
|
- |
|
python pythonware
|
pillow python_imaging_library
|
Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possib…
|
CWE-78
OS Command
|
CVE-2014-3007
|
2014-04-29 02:51 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258487
|
- |
|
acunetix
|
web_vulnerability_scanner
|
Stack-based buffer overflow in Acunetix Web Vulnerability Scanner (WVS) 8 build 20120704 allows remote attackers to execute arbitrary code via an HTML file containing an IMG element with a long URL (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2994
|
2014-04-29 01:06 |
2014-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258488
|
- |
|
powersoftware
|
winarchiver
|
Buffer overflow in Power Software WinArchiver 3.2 allows remote attackers to execute arbitrary code via a crafted .zip file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5660
|
2014-04-26 03:44 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258489
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
Open redirect vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions allows remote attackers to redirect users to arbitrary web sites …
|
CWE-20
Improper Input Validation
|
CVE-2013-4723
|
2014-04-26 03:38 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258490
|
- |
|
ddsn
|
cm3_acora_content_management_system
|
Cross-site request forgery (CSRF) vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to hijack the authen…
|
CWE-352
Origin Validation Error
|
CVE-2013-4726
|
2014-04-26 03:38 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|