258351
|
- |
|
kokuyo
|
camiapp
|
The Content Provider in the KOKUYO CamiApp application 1.21.1 and earlier for Android allows attackers to bypass intended access restrictions and read database information via a crafted application.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1986
|
2014-04-19 13:48 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258352
|
- |
|
lightwitch prosody
|
metronome prosody
|
plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightwitch Metronome through 3.4 negotiates stream compression while a session is unauthenticated, which allows remote attackers to cau…
|
CWE-20
Improper Input Validation
|
CVE-2014-2744
|
2014-04-19 13:48 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258353
|
- |
|
prosody
|
prosody
|
Prosody before 0.9.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2745
|
2014-04-19 13:48 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258354
|
- |
|
juniper
|
junos srx100 srx110 srx210 srx220 srx240 srx550 srx650
|
Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when …
|
NVD-CWE-noinfo
|
CVE-2014-0612
|
2014-04-19 13:46 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258355
|
- |
|
wireshark
|
wireshark
|
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote atta…
|
CWE-20
Improper Input Validation
|
CVE-2013-7112
|
2014-04-19 13:45 |
2013-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258356
|
- |
|
wireshark
|
wireshark
|
Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7114
|
2014-04-19 13:45 |
2013-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258357
|
- |
|
reviewboard
|
review_board
|
Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arb…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2209
|
2014-04-19 13:35 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258358
|
- |
|
xen
|
xen
|
Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hyp…
|
CWE-20
Improper Input Validation
|
CVE-2013-1917
|
2014-04-19 13:34 |
2013-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258359
|
- |
|
xen
|
xen
|
Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table tra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1918
|
2014-04-19 13:34 |
2013-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258360
|
- |
|
xen
|
xen
|
Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which allows local stub domain clients to gain access to IRQs and cause a denial of service via vectors related to "passed-through IRQs …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1919
|
2014-04-19 13:34 |
2013-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|