258461
|
- |
|
advantech
|
advantech_webaccess
|
The OpenUrlToBuffer method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a file: URL.
|
CWE-200
Information Exposure
|
CVE-2014-0771
|
2014-04-15 02:42 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258462
|
- |
|
advantech
|
advantech_webaccess
|
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long UserName parameter.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0770
|
2014-04-15 02:40 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258463
|
- |
|
websense
|
triton_unified_security_center triton_web_filter triton_web_security triton_web_security_gateway triton_web_security_gateway_anywhere
|
The Settings module in Websense Triton Unified Security Center 7.7.3 before Hotfix 31, Web Filter 7.7.3 before Hotfix 31, Web Security 7.7.3 before Hotfix 31, Web Security Gateway 7.7.3 before Hotfix…
|
CWE-255
Credentials Management
|
CVE-2014-0347
|
2014-04-15 02:39 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258464
|
- |
|
osisoft
|
pi_interface
|
The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for DNP3 allows physically proximate attackers to cause a denial of service (interface shutdown) via crafted input over a serial line.
|
CWE-20
Improper Input Validation
|
CVE-2013-2828
|
2014-04-15 02:19 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258465
|
- |
|
osisoft
|
pi_interface
|
The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for DNP3 allows remote attackers to cause a denial of service (interface shutdown) via a crafted TCP packet.
|
CWE-20
Improper Input Validation
|
CVE-2013-2809
|
2014-04-15 02:13 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258466
|
- |
|
vmware
|
vsphere_client
|
VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificat…
|
CWE-310
Cryptographic Issues
|
CVE-2014-1210
|
2014-04-15 01:58 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258467
|
- |
|
vmware
|
vsphere_client
|
VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution…
|
CWE-20
Improper Input Validation
|
CVE-2014-1209
|
2014-04-15 01:51 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258468
|
- |
|
apps4u\@android
|
sd_card_manager
|
Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename.
|
CWE-22
Path Traversal
|
CVE-2014-1969
|
2014-04-15 01:26 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258469
|
- |
|
ioserver
|
ioserver_opc_server opc_drivers
|
The Modbus slave/outstation driver in the OPC Drivers 1.0.20 and earlier in IOServer OPC Server allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafte…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0777
|
2014-04-15 01:19 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258470
|
- |
|
sophos
|
web_appliance_firmware web_appliance
|
The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2849
|
2014-04-15 00:38 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|