|
256721
|
- |
|
ioquake3
openarena
tremulous
|
ioquake3_engine
openarena
tremulous
|
server/sv_main.c in Quake3 Arena, as used in ioquake3 before r1762, OpenArena, Tremulous, and other products, allows remote attackers to cause a denial of service (network traffic amplification) via …
|
CWE-20
Improper Input Validation
|
CVE-2010-5077
|
2014-10-29 10:16 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256722
|
- |
|
robert_ancell
|
lightdm
|
lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact.
|
CWE-200
Information Exposure
|
CVE-2012-1111
|
2014-10-29 10:10 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256723
|
- |
|
python-gnupg_project
|
python-gnupg
|
python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists b…
|
CWE-20
Improper Input Validation
|
CVE-2014-1929
|
2014-10-28 04:38 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256724
|
- |
|
python-gnupg_project
|
python-gnupg
|
The shell_quote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors,…
|
CWE-20
Improper Input Validation
|
CVE-2014-1928
|
2014-10-28 04:24 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256725
|
- |
|
f5
|
big-ip_analytics
|
F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session cookie, which makes it easier for remote attackers to have unspecified impact by guessing the value.
|
CWE-310
Cryptographic Issues
|
CVE-2013-7408
|
2014-10-28 00:40 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256726
|
- |
|
cpuminer_project
|
cpuminer
|
Stack-based buffer overflow in CPUMiner before 2.4.1 allows remote attackers to have an unspecified impact by sending a mining.subscribe response with a large nonce2 length, then triggering the overf…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-6251
|
2014-10-28 00:04 |
2014-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256727
|
- |
|
wordpress_spreadsheet_project
|
wordpress_spreadsheet
|
SQL injection vulnerability in ss_handler.php in the WordPress Spreadsheet (wpSS) plugin 0.62 for WordPress allows remote attackers to execute arbitrary SQL commands via the ss_id parameter.
|
CWE-89
SQL Injection
|
CVE-2014-8363
|
2014-10-25 09:21 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256728
|
- |
|
date_project
|
date
|
Cross-site scripting (XSS) vulnerability in the Date module before 7.x-2.8 for Drupal allows remote authenticated users with the permission to create a date field to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5169
|
2014-10-25 03:11 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256729
|
- |
|
carefusion
|
pyxis_supplystation
|
CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 has a hardcoded application password, which makes it easier for remote authenticated users to obtain application-file access v…
|
CWE-255
Credentials Management
|
CVE-2014-5420
|
2014-10-25 02:59 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256730
|
- |
|
bananadance
|
banana_dance
|
Directory traversal vulnerability in functions/suggest.php in Banana Dance B.2.6 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parame…
|
CWE-22
Path Traversal
|
CVE-2012-5242
|
2014-10-25 02:57 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
