|
257591
|
- |
|
juniper
|
junos
|
Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0615
|
2014-01-25 04:22 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257592
|
- |
|
juniper
|
junos
|
Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.…
|
CWE-362
Race Condition
|
CVE-2014-0616
|
2014-01-25 04:21 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257593
|
- |
|
thecus
|
n8800_nas_server_firmware
n8800_nas_server
|
The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext credentials for administrative authentication, which allows remote attackers to obtain sensitive information by sniffing the network.
|
CWE-255
Credentials Management
|
CVE-2013-5669
|
2014-01-25 01:27 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257594
|
- |
|
thecus
|
n8800_nas_server_firmware
n8800_nas_server
|
The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator credentials by reading this page's cleartext content.
|
CWE-255
Credentials Management
|
CVE-2013-5668
|
2014-01-25 01:25 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257595
|
- |
|
thecus
|
n8800_nas_server_firmware
n8800_nas_server
|
The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter.
|
CWE-78
OS Command
|
CVE-2013-5667
|
2014-01-25 01:23 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257596
|
- |
|
spice_project
canonical
|
spice
ubuntu_linux
|
The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attack…
|
CWE-399
Resource Management Errors
|
CVE-2013-4130
|
2014-01-24 13:35 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257597
|
- |
|
djvulibre_project
|
djvulibre
|
DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a…
|
CWE-94
Code Injection
|
CVE-2012-6535
|
2014-01-24 13:30 |
2013-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257598
|
- |
|
augeas
|
augeas
|
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup …
|
CWE-22
Path Traversal
|
CVE-2012-6607
|
2014-01-24 13:30 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257599
|
- |
|
augeas
|
augeas
|
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.
|
CWE-59
Link Following
|
CVE-2012-0786
|
2014-01-24 13:24 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257600
|
- |
|
juniper
|
junos
junose
screenos
|
The OSPF implementation in Juniper Junos through 13.x, JunosE, and ScreenOS through 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets…
|
NVD-CWE-Other
|
CVE-2013-7313
|
2014-01-24 05:26 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
