|
257941
|
- |
|
david_bagley
|
xlockmore
|
The (1) checkPasswd and (2) checkGroupXlockPasswds functions in xlockmore before 5.43 do not properly handle when a NULL value is returned upon an error by the crypt or dispcrypt function as implemen…
|
NVD-CWE-Other
|
CVE-2013-4143
|
2014-06-27 00:46 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257942
|
- |
|
david_bagley
|
xlockmore
|
per http://cwe.mitre.org/data/definitions/476.html
"CWE-476: NULL Pointer Dereference"
|
NVD-CWE-Other
|
CVE-2013-4143
|
2014-06-27 00:46 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257943
|
- |
|
bitrix
|
bitrix_e-store_module
|
The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote attackers to guess the cookie value and bypa…
|
CWE-287
Improper Authentication
|
CVE-2013-6788
|
2014-06-27 00:38 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257944
|
- |
|
coreftp
|
core_ftp
|
Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service (application crash) and possibly execute arbitrary code via a lo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4643
|
2014-06-26 23:30 |
2014-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257945
|
- |
|
longtailvideo
|
jw_player_for_flash_\&_html5_video_plugin
|
Cross-site request forgery (CSRF) vulnerability in the JW Player plugin before 2.1.4 for WordPress allows remote attackers to hijack the authentication of administrators for requests that remove play…
|
CWE-352
Origin Validation Error
|
CVE-2014-4030
|
2014-06-26 23:25 |
2014-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257946
|
- |
|
dell
quantum
|
powervault_ml6000_firmware
powervault_ml6000
scalar_i500_firmware
scalar_i500
|
logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103) and the Quantum Scalar i500 tape backup system with firmware before i8.2.2.1 (646G.GS002) allows remote …
|
CWE-78
OS Command
|
CVE-2014-2959
|
2014-06-26 13:50 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257947
|
- |
|
juniper
|
screenos
netscreen-5200
netscreen-5400
|
Unspecified vulnerability in the Juniper Networks NetScreen Firewall products with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a de…
|
NVD-CWE-noinfo
|
CVE-2014-3813
|
2014-06-26 13:50 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257948
|
- |
|
juniper
|
screenos
netscreen-5200
netscreen-5400
|
The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reb…
|
CWE-20
Improper Input Validation
|
CVE-2014-3814
|
2014-06-26 13:50 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257949
|
- |
|
hp
|
executive_scorecard
|
The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka …
|
CWE-287
Improper Authentication
|
CVE-2014-2609
|
2014-06-26 13:49 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257950
|
- |
|
hp
|
executive_scorecard
|
Directory traversal vulnerability in the Content Acceleration Pack (CAP) web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code by uploadi…
|
CWE-22
Path Traversal
|
CVE-2014-2610
|
2014-06-26 13:49 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
