|
257471
|
- |
|
pureftpd
|
pure-ftpd
|
The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted FTP session…
|
CWE-399
Resource Management Errors
|
CVE-2011-1575
|
2014-02-21 13:41 |
2011-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257472
|
- |
|
apple
|
itunes
|
Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0191
|
2014-02-21 13:39 |
2011-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257473
|
- |
|
apple
|
itunes
|
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0192
|
2014-02-21 13:39 |
2011-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257474
|
- |
|
collectd
|
collectd
|
The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4.x before 4.9.4 and before 4.10.2 allow remote attackers to cause a denial of service (assertion failure) via a packet with a time…
|
CWE-399
Resource Management Errors
|
CVE-2010-4336
|
2014-02-21 13:36 |
2010-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257475
|
- |
|
apple
|
webkit
|
WebKit does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and C…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2441
|
2014-02-21 13:33 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257476
|
- |
|
litech
|
router_advertisement_daemon
|
Buffer overflow in the process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negativ…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3601
|
2014-02-21 11:19 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257477
|
- |
|
ubuntu
|
metal_as_a_service
|
Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1069
|
2014-02-21 11:14 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257478
|
- |
|
jetroplatforms
|
jetro_cockpit_secure_browsing
|
The client in Jetro COCKPIT Secure Browsing (JCSB) 4.3.1 and 4.3.3 does not validate the FileName element in an RDP_FILE_TRANSFER document, which allows remote JCSB servers to execute arbitrary progr…
|
CWE-20
Improper Input Validation
|
CVE-2014-1861
|
2014-02-21 11:04 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257479
|
- |
|
openstack
|
swift
|
The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6396
|
2014-02-21 09:40 |
2014-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257480
|
- |
|
cisco
|
unified_communications_manager
|
The Real Time Monitoring Tool (RTMT) web application in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remot…
|
CWE-287
Improper Authentication
|
CVE-2014-0732
|
2014-02-21 09:26 |
2014-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
