|
257391
|
- |
|
cybozu
|
garoon
|
Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 does not properly manage sessions, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0817
|
2014-02-28 02:08 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257392
|
- |
|
norman
|
security_suite
|
Unspecified vulnerability in Norman Security Suite 10.1 and earlier allows local users to gain privileges via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0816
|
2014-02-28 01:38 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257393
|
- |
|
apple
|
mac_os_x
|
CFNetwork in Apple OS X through 10.8.5 does not remove session cookies upon a Safari reset action, which allows physically proximate attackers to bypass intended access restrictions by leveraging an …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1257
|
2014-02-27 22:55 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257394
|
- |
|
apple
|
mac_os_x
|
Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1254
|
2014-02-27 22:50 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257395
|
- |
|
apple
|
quicktime
|
Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track l…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1243
|
2014-02-27 22:47 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257396
|
- |
|
schneider-electric
|
citectscada
powerlogic_scada
struxureware_powerscada_expert
struxureware_scada_expert_vijeo_citect
|
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogi…
|
NVD-CWE-Other
|
CVE-2013-2824
|
2014-02-27 01:58 |
2014-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257397
|
- |
|
osehra
|
vista
|
The M2M Broker in OSEHRA VistA, as distributed before September 30, 2013, allows attackers to bypass authentication and authorization to perform doctor-only actions and read or modify patient records…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6945
|
2014-02-26 03:18 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257398
|
- |
|
tattyan
|
tattyan_hptown
|
Directory traversal vulnerability in Tattyan HP TOWN before 5_10_1 allows remote attackers to read arbitrary files via a .. (dot dot) in a request.
|
CWE-22
Path Traversal
|
CVE-2013-6000
|
2014-02-26 03:16 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257399
|
- |
|
cru-inc
|
ditto_forensic_fieldstation_firmware
ditto_forensic_fieldstation
|
CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) sector size or (2) skip count fields for the …
|
CWE-78
OS Command
|
CVE-2013-6881
|
2014-02-26 03:11 |
2014-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257400
|
- |
|
libreswan
|
libreswan
|
Libreswan 3.6 allows remote attackers to cause a denial of service (crash) via a small length value and (1) no version or (2) an invalid major number in an IKE packet.
|
CWE-189
Numeric Errors
|
CVE-2013-4564
|
2014-02-26 03:02 |
2014-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
