|
258421
|
- |
|
openstack
redhat
|
oslo
openstack
|
The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive i…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6491
|
2014-06-21 13:36 |
2014-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258422
|
- |
|
adobe
|
photoshop
photoshop_cs4
photoshop_cs5.5
|
Use-after-free vulnerability in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a crafted TIFF (aka .TIF) file.
|
CWE-399
Resource Management Errors
|
CVE-2012-2027
|
2014-06-21 13:17 |
2012-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258423
|
- |
|
adobe
|
photoshop_cs5
photoshop_cs5.1
|
Stack-based buffer overflow in the U3D.8BI library plugin in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a long Collada…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2052
|
2014-06-21 03:04 |
2014-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258424
|
- |
|
canonical
|
ubuntu_linux
|
The OpenStack Nova (python-nova) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder (python-cinder) package 1:2013.2.3-0 before 1:2013.2.…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1068
|
2014-06-21 02:57 |
2014-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258425
|
- |
|
barracudadrive
|
barracudadrive
|
Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) host or (2) password parameter to rtl/protected/a…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4335
|
2014-06-21 02:54 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258426
|
- |
|
ubi
|
rayman_legends
|
Stack-based buffer overflow in Ubisoft Rayman Legends before 1.3.140380 allows remote attackers to execute arbitrary code via a long string in the "second connection" to TCP port 1001.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4334
|
2014-06-21 02:51 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258427
|
- |
|
jreast
|
jr_east_japan
|
The East Japan Railway Company JR East Japan application before 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive inf…
|
CWE-310
Cryptographic Issues
|
CVE-2014-2001
|
2014-06-20 04:06 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258428
|
- |
|
alienvault
|
open_source_security_information_management
|
The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to read arbitrary files via a crafted get_file request.
|
CWE-200
Information Exposure
|
CVE-2014-4153
|
2014-06-20 03:59 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258429
|
- |
|
alienvault
|
open_source_security_information_management
|
The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to execute arbitrary code via a crafted remote_task request, related to injecting an ssh public key.
|
CWE-94
Code Injection
|
CVE-2014-4152
|
2014-06-20 03:57 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258430
|
- |
|
alienvault
|
open_source_security_information_management
|
The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to create arbitrary files and execute arbitrary code via a crafted set_file request.
|
CWE-94
Code Injection
|
CVE-2014-4151
|
2014-06-20 03:55 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
