258641
|
- |
|
adobe
|
acrobat_reader
|
Heap-based buffer overflow in Adobe Reader 11.0.06 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0511
|
2014-05-16 13:24 |
2014-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258642
|
- |
|
adobe
|
acrobat_reader
|
Adobe Reader 11.0.06 allows attackers to bypass a PDF sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0512
|
2014-05-16 13:24 |
2014-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258643
|
- |
|
disk_pool_manager_project
|
disk_pool_manager
|
Multiple SQL injection vulnerabilities in LCG Disk Pool Manager (DPM) before 1.8.6, as used in EGI UDM, allow remote attackers to execute arbitrary SQL commands via the (1) r_token variable in the dp…
|
CWE-89
SQL Injection
|
CVE-2011-4970
|
2014-05-16 12:58 |
2014-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258644
|
- |
|
phppgadmin
|
phppgadmin
|
Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or …
|
CWE-79
Cross-site Scripting
|
CVE-2011-3598
|
2014-05-16 12:56 |
2011-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258645
|
- |
|
videolan
|
vlc_media_player
|
codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3441
|
2014-05-16 03:58 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258646
|
- |
|
jetaudio
|
jetaudio
|
JetMPAd.ax in JetAudio 8.1.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3443
|
2014-05-16 03:55 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258647
|
- |
|
openx
|
openx
|
Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.10, possibly before revision 82710, allow remote attackers to hijack the authentication of administrators, as demonstrated by r…
|
CWE-352
Origin Validation Error
|
CVE-2013-7376
|
2014-05-16 00:00 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258648
|
- |
|
phpcms
|
guesbook_module
|
Multiple cross-site scripting (XSS) vulnerabilities in the Guestbook module for PHPCMS allow remote attackers to inject arbitrary web script or HTML via the (1) list or (2) introduce parameter to ind…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5939
|
2014-05-15 23:43 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258649
|
- |
|
xiaowen_huang
|
yingzhi_python_programming_language
|
Directory traversal vulnerability in the FTP server in YingZhi Python Programming Language for iOS 1.9 allows remote attackers to read and possibly write arbitrary files via a .. (dot dot) in the def…
|
CWE-22
Path Traversal
|
CVE-2013-5655
|
2014-05-15 23:21 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258650
|
- |
|
vicidial
|
vicidial
|
VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in the extension parameter in an …
|
NVD-CWE-Other
|
CVE-2013-4468
|
2014-05-15 22:16 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|