258851
|
- |
|
apple
|
mac_os_x
|
Apple Type Services (ATS) in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Type 1 font that is embedded in …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1254
|
2014-02-27 22:50 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258852
|
- |
|
apple
|
quicktime
|
Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted track l…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1243
|
2014-02-27 22:47 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258853
|
- |
|
schneider-electric
|
citectscada powerlogic_scada struxureware_powerscada_expert struxureware_scada_expert_vijeo_citect
|
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogi…
|
NVD-CWE-Other
|
CVE-2013-2824
|
2014-02-27 01:58 |
2014-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258854
|
- |
|
osehra
|
vista
|
The M2M Broker in OSEHRA VistA, as distributed before September 30, 2013, allows attackers to bypass authentication and authorization to perform doctor-only actions and read or modify patient records…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6945
|
2014-02-26 03:18 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258855
|
- |
|
tattyan
|
tattyan_hptown
|
Directory traversal vulnerability in Tattyan HP TOWN before 5_10_1 allows remote attackers to read arbitrary files via a .. (dot dot) in a request.
|
CWE-22
Path Traversal
|
CVE-2013-6000
|
2014-02-26 03:16 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258856
|
- |
|
cru-inc
|
ditto_forensic_fieldstation_firmware ditto_forensic_fieldstation
|
CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) sector size or (2) skip count fields for the …
|
CWE-78
OS Command
|
CVE-2013-6881
|
2014-02-26 03:11 |
2014-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258857
|
- |
|
libreswan
|
libreswan
|
Libreswan 3.6 allows remote attackers to cause a denial of service (crash) via a small length value and (1) no version or (2) an invalid major number in an IKE packet.
|
CWE-189
Numeric Errors
|
CVE-2013-4564
|
2014-02-26 03:02 |
2014-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258858
|
- |
|
mybb
|
mybb
|
Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2013-7288
|
2014-02-25 23:47 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258859
|
- |
|
dotnetblogengine
|
blogengine.net
|
BlogEngine.NET 2.8.0.0 and earlier allows remote attackers to read usernames and password hashes via a request for the sioc.axd file.
|
CWE-200
Information Exposure
|
CVE-2013-6953
|
2014-02-25 23:38 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258860
|
- |
|
xen
|
xen
|
Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause…
|
NVD-CWE-noinfo
|
CVE-2011-1936
|
2014-02-25 23:10 |
2014-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|