259041
|
- |
|
djangoproject
|
django
|
The authentication framework (django.contrib.auth) in Django 1.4.x before 1.4.8, 1.5.x before 1.5.4, and 1.6.x before 1.6 beta 4 allows remote attackers to cause a denial of service (CPU consumption)…
|
CWE-287
Improper Authentication
|
CVE-2013-1443
|
2014-01-28 13:51 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259042
|
- |
|
freedesktop
|
poppler
|
poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Spl…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1788
|
2014-01-28 13:51 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259043
|
- |
|
freedesktop
|
poppler
|
poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar fun…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1790
|
2014-01-28 13:51 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259044
|
- |
|
apple
|
mac_os_x mac_os_x_server
|
CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly initialize memory during the processing of text tracks, which allows remote attackers to execute arbitrary code or cause a denial …
|
CWE-20
Improper Input Validation
|
CVE-2013-1024
|
2014-01-28 13:50 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259045
|
- |
|
franklinfueling
|
ts-550_evo_firmware ts-550_evo
|
Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 has a hardcoded password for the roleDiag account, which allows remote attackers to gain root privileges, …
|
CWE-255
Credentials Management
|
CVE-2013-7248
|
2014-01-28 00:58 |
2014-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259046
|
- |
|
franklinfueling
|
ts-550_evo_firmware ts-550_evo
|
cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 allows remote attackers to discover sensitive information (user names and password ha…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7247
|
2014-01-28 00:57 |
2014-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259047
|
- |
|
tejimaya
|
openpne
|
The "Remember me" feature in the opSecurityUser::getRememberLoginCookie function in lib/user/opSecurityUser.class.php in OpenPNE 3.6.13 before 3.6.13.1 and 3.8.9 before 3.8.9.1 does not properly vali…
|
CWE-20
Improper Input Validation
|
CVE-2013-5350
|
2014-01-25 07:00 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259048
|
- |
|
juniper
|
junos
|
Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0615
|
2014-01-25 04:22 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259049
|
- |
|
juniper
|
junos
|
Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.…
|
CWE-362
Race Condition
|
CVE-2014-0616
|
2014-01-25 04:21 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259050
|
- |
|
thecus
|
n8800_nas_server_firmware n8800_nas_server
|
The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext credentials for administrative authentication, which allows remote attackers to obtain sensitive information by sniffing the network.
|
CWE-255
Credentials Management
|
CVE-2013-5669
|
2014-01-25 01:27 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|