258501
|
- |
|
apple
|
webkit
|
WebKit does not properly restrict focus changes, which allows remote attackers to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and C…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2441
|
2014-02-21 13:33 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258502
|
- |
|
litech
|
router_advertisement_daemon
|
Buffer overflow in the process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negativ…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-3601
|
2014-02-21 11:19 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258503
|
- |
|
ubuntu
|
metal_as_a_service
|
Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1069
|
2014-02-21 11:14 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258504
|
- |
|
jetroplatforms
|
jetro_cockpit_secure_browsing
|
The client in Jetro COCKPIT Secure Browsing (JCSB) 4.3.1 and 4.3.3 does not validate the FileName element in an RDP_FILE_TRANSFER document, which allows remote JCSB servers to execute arbitrary progr…
|
CWE-20
Improper Input Validation
|
CVE-2014-1861
|
2014-02-21 11:04 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258505
|
- |
|
openstack
|
swift
|
The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6396
|
2014-02-21 09:40 |
2014-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258506
|
- |
|
cisco
|
unified_communications_manager
|
The Real Time Monitoring Tool (RTMT) web application in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remot…
|
CWE-287
Improper Authentication
|
CVE-2014-0732
|
2014-02-21 09:26 |
2014-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258507
|
- |
|
cisco
|
unified_communications_manager
|
The Enterprise License Manager (ELM) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote atta…
|
CWE-287
Improper Authentication
|
CVE-2014-0733
|
2014-02-21 08:52 |
2014-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258508
|
- |
|
feep
|
libtar
|
Multiple directory traversal vulnerabilities in the (1) tar_extract_glob and (2) tar_extract_all functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files via a .. (d…
|
CWE-22
Path Traversal
|
CVE-2013-4420
|
2014-02-21 08:51 |
2014-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258509
|
- |
|
redhat
|
sos
|
The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes (1) Certificate-based Red Hat Network private entitlement keys and the (2) private key for the entitlement…
|
CWE-310
Cryptographic Issues
|
CVE-2011-4083
|
2014-02-19 09:40 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258510
|
- |
|
csounds
|
csound
|
Multiple stack-based buffer overflows in Csound before 5.16.6 allow remote attackers to execute arbitrary code via a crafted (1) hetro file to the getnum function in util/heti_main.c or (2) PVOC file…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0270
|
2014-02-19 04:49 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|