258731
|
- |
|
drinkedin
|
drinkedin_barfinder
|
The DrinkedIn BarFinder application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain sensitive fine-geo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1887
|
2014-03-8 05:04 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258732
|
- |
|
edinburghtour
|
edinburgh_by_bus
|
The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently access external-storage reso…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1886
|
2014-03-8 05:02 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258733
|
- |
|
hsgroup
|
forzearmate
|
The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain write access to external-s…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1885
|
2014-03-8 05:01 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258734
|
- |
|
cisco
|
wireless_lan_controller_software
|
Cisco Wireless LAN Controller (WLC) devices 7.0 before 7.0.250.0, 7.2, 7.3, and 7.4 before 7.4.110.0 do not properly deallocate memory, which allows remote attackers to cause a denial of service (reb…
|
CWE-399
Resource Management Errors
|
CVE-2014-0701
|
2014-03-8 04:50 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258735
|
- |
|
cmsmadesimple
|
cms_made_simple
|
SQL injection vulnerability in the News module in CMS Made Simple (CMSMS) before 1.11.10 allows remote authenticated users with the "Modify News" permission to execute arbitrary SQL commands via the …
|
CWE-89
SQL Injection
|
CVE-2014-2245
|
2014-03-8 04:43 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258736
|
- |
|
serena
|
dimensions_cm
|
Multiple cross-site scripting (XSS) vulnerabilities in the web client in Serena Dimensions CM 12.2 build 7.199.0 allow remote attackers to inject arbitrary web script or HTML via the (1) DB_CONN, (2)…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0335
|
2014-03-8 04:19 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258737
|
- |
|
serena
|
dimensions_cm
|
Cross-site request forgery (CSRF) vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that u…
|
CWE-352
Origin Validation Error
|
CVE-2014-0336
|
2014-03-8 04:19 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258738
|
- |
|
emc
|
rsa_data_loss_prevention
|
EMC RSA Data Loss Prevention (DLP) 9.x before 9.6-SP2 does not properly manage sessions, which allows remote authenticated users to gain privileges and bypass intended content-reading restrictions vi…
|
NVD-CWE-noinfo
|
CVE-2014-0624
|
2014-03-8 04:17 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258739
|
- |
|
emc
|
documentum_taskspace
|
EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 does not properly handle the interaction between the dm_world group and the dm_superusers_dynamic group, which allows remote aut…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0629
|
2014-03-8 04:16 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258740
|
- |
|
emc
|
documentum_taskspace
|
EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 allows remote authenticated users to read arbitrary files via a modified imaging-service URL.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0630
|
2014-03-8 04:14 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|