258041
|
- |
|
typo3
|
typo3
|
The Backend History Module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 does not properly restrict access, which allows remote authenticated editors to read the history o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6146
|
2014-05-21 21:47 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258042
|
- |
|
realnetworks
|
realplayer
|
The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and app…
|
CWE-94
Code Injection
|
CVE-2014-3444
|
2014-05-21 04:35 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258043
|
- |
|
cisco
|
ios unified_border_element
|
Cisco IOS 15.2(4)M4 on Cisco Unified Border Element (CUBE) devices allows remote attackers to cause a denial of service (input-queue consumption and traffic-processing outage) via crafted RTCP packet…
|
CWE-20
Improper Input Validation
|
CVE-2014-3268
|
2014-05-21 03:50 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258044
|
- |
|
cisco
|
ios_xe
|
The SNMP module in Cisco IOS XE 3.5E allows remote authenticated users to cause a denial of service (device reload) by polling frequently, aka Bug ID CSCug65204.
|
CWE-20
Improper Input Validation
|
CVE-2014-3269
|
2014-05-21 03:46 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258045
|
- |
|
cisco
|
unified_web_and_e-mail_interaction_manager
|
system/egain/chat/entrypoint in Cisco Unified Web and E-mail Interaction Manager 9.0(2) allows remote attackers to have an unspecified impact by injecting a spoofed XML external entity.
|
CWE-20
Improper Input Validation
|
CVE-2014-2194
|
2014-05-20 22:57 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258046
|
- |
|
cisco
|
unified_web_and_e-mail_interaction_manager
|
Cisco Unified Web and E-Mail Interaction Manager places session identifiers in GET requests, which allows remote attackers to inject conversation text by obtaining a valid identifier, aka Bug ID CSCu…
|
CWE-20
Improper Input Validation
|
CVE-2014-2193
|
2014-05-20 22:56 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258047
|
- |
|
sap
|
netweaver
|
SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2014-3787
|
2014-05-20 21:43 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258048
|
- |
|
livezilla
|
livezilla
|
LiveZilla 5.1.2.1 and earlier includes the MD5 hash of the operator password in plaintext in Javascript code that is generated by lz/mobile/chat.php, which allows remote attackers to obtain sensitive…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7385
|
2014-05-20 21:08 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258049
|
- |
|
livezilla
|
livezilla
|
LiveZilla before 5.1.2.1 includes the operator password in plaintext in Javascript code that is generated by lz/mobile/chat.php, which might allow remote attackers to obtain sensitive information and…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7033
|
2014-05-20 21:03 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258050
|
- |
|
openvas
|
openvas_administrator
|
OpenVAS Administrator 1.2 before 1.2.2 and 1.3 before 1.3.2 allows remote attackers to bypass the OAP authentication restrictions and execute OAP commands via a crafted OAP request for version inform…
|
CWE-287
Improper Authentication
|
CVE-2013-6766
|
2014-05-20 20:37 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|