|
258391
|
- |
|
adobe
apache
|
phonegap
cordova
|
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1882
|
2014-03-4 05:26 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258392
|
- |
|
alstom
|
e-terracontrol
|
The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 3.7 allows physically proximate attackers to cause a denial of service (infinite loop and DNP3 service disruption) via crafted input over …
|
CWE-20
Improper Input Validation
|
CVE-2013-2818
|
2014-03-4 02:46 |
2013-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258393
|
- |
|
vmware
|
esxi
workstation
esx
player
fusion
|
lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows gue…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3519
|
2014-03-4 02:45 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258394
|
- |
|
ilias
|
ilias
|
ILIAS 4.4.1 allows remote attackers to execute arbitrary PHP code via an e-mail attachment that leads to creation of a .php file with a certain client_id pathname.
|
CWE-94
Code Injection
|
CVE-2014-2089
|
2014-03-4 02:25 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258395
|
- |
|
ilias
|
ilias
|
Unrestricted file upload vulnerability in ilias.php in ILIAS 4.4.1 allows remote authenticated users to execute arbitrary PHP code by using a .php filename in an upload_files action to the uploadFile…
|
NVD-CWE-Other
|
CVE-2014-2088
|
2014-03-4 02:24 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258396
|
- |
|
ilias
|
ilias
|
Per: http://cwe.mitre.org/data/definitions/434.html
"CWE-434: Unrestricted Upload of File with Dangerous Type"
|
NVD-CWE-Other
|
CVE-2014-2088
|
2014-03-4 02:24 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258397
|
- |
|
schneider-electric
|
floating_license_manager
|
Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed…
|
NVD-CWE-Other
|
CVE-2014-0759
|
2014-03-1 02:16 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258398
|
- |
|
schneider-electric
|
floating_license_manager
|
Per: http://cwe.mitre.org/data/definitions/428.html
"CWE-428: Unquoted Search Path or Element"
|
NVD-CWE-Other
|
CVE-2014-0759
|
2014-03-1 02:16 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258399
|
- |
|
schneider-electric
|
floating_license_manager
|
Per: http://ics-cert.us-cert.gov/advisories/ICSA-14-058-01
"This license manager is used in the following Schneider Electric products:
Power Monitoring Expert,
Struxureware process Expert (…
|
NVD-CWE-Other
|
CVE-2014-0759
|
2014-03-1 02:16 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258400
|
- |
|
cisco
|
intrusion_prevention_system
|
Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
|
CWE-20
Improper Input Validation
|
CVE-2014-2103
|
2014-03-1 01:48 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
