|
258581
|
- |
|
cisco
|
nx-os
nexus_7000
nexus_7000_10-slot
nexus_7000_18-slot
nexus_7000_9-slot
|
Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1191
|
2014-05-28 01:05 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258582
|
- |
|
imember360
|
imember360
|
The iMember360 plugin 3.8.012 through 3.9.001 for WordPress does not properly restrict access, which allows remote attackers to delete arbitrary users via a request containing a user name in the Emai…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3849
|
2014-05-27 23:36 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258583
|
- |
|
imember360
|
imember360
|
The iMember360 plugin before 3.9.001 for WordPress does not properly restrict access, which allows remote attackers to obtain database credentials via the i4w_dbinfo parameter.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3848
|
2014-05-27 23:34 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258584
|
- |
|
emerson
|
deltav
|
Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrat…
|
CWE-255
Credentials Management
|
CVE-2014-2350
|
2014-05-23 23:14 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258585
|
- |
|
emerson
|
deltav
|
Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 allows local users to modify or read configuration files by leveraging engineering-level privileges.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2349
|
2014-05-23 23:13 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258586
|
- |
|
f5
|
big-iq
|
F5 BIG-IQ Cloud and Security 4.0.0 through 4.1.0 allows remote authenticated users to change the password of arbitrary users via the name parameter in a request to the user's page in mgmt/shared/auth…
|
CWE-255
Credentials Management
|
CVE-2014-3220
|
2014-05-23 13:08 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258587
|
- |
|
jansson_project
|
jansson
|
Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a …
|
CWE-310
Cryptographic Issues
|
CVE-2013-6401
|
2014-05-23 13:03 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258588
|
- |
|
barracudadrive
|
barracudadrive
|
Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) blog, (2) bloggeruser, or (3) bloggerpasswd param…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3807
|
2014-05-23 00:16 |
2014-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258589
|
- |
|
beetel
|
450tc2_router_firmware
450tc2_router
|
Cross-site request forgery (CSRF) vulnerability in Beetel 450TC2 Router with firmware TX6-0Q-005_retail allows remote attackers to hijack the authentication of administrators for requests that change…
|
CWE-352
Origin Validation Error
|
CVE-2014-3792
|
2014-05-22 08:37 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258590
|
- |
|
efssoft
|
easy_file_sharing_web_server
|
Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows remote attackers to execute arbitrary code via a long string in a cookie UserID parameter to vfolder.ghp.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3791
|
2014-05-22 07:35 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
