|
259021
|
- |
|
osisoft
|
pi_interface
|
The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for DNP3 allows remote attackers to cause a denial of service (interface shutdown) via a crafted TCP packet.
|
CWE-20
Improper Input Validation
|
CVE-2013-2809
|
2014-04-15 02:13 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259022
|
- |
|
vmware
|
vsphere_client
|
VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificat…
|
CWE-310
Cryptographic Issues
|
CVE-2014-1210
|
2014-04-15 01:58 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259023
|
- |
|
vmware
|
vsphere_client
|
VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution…
|
CWE-20
Improper Input Validation
|
CVE-2014-1209
|
2014-04-15 01:51 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259024
|
- |
|
apps4u\@android
|
sd_card_manager
|
Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename.
|
CWE-22
Path Traversal
|
CVE-2014-1969
|
2014-04-15 01:26 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259025
|
- |
|
ioserver
|
ioserver_opc_server
opc_drivers
|
The Modbus slave/outstation driver in the OPC Drivers 1.0.20 and earlier in IOServer OPC Server allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafte…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0777
|
2014-04-15 01:19 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259026
|
- |
|
sophos
|
web_appliance_firmware
web_appliance
|
The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2849
|
2014-04-15 00:38 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259027
|
- |
|
sophos
|
web_appliance_firmware
web_appliance
|
The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address paramet…
|
CWE-78
OS Command
|
CVE-2014-2850
|
2014-04-15 00:38 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259028
|
- |
|
tenable
|
nessus
plugin-set
|
A race condition in the wmi_malware_scan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp direc…
|
CWE-362
Race Condition
|
CVE-2014-2848
|
2014-04-15 00:21 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259029
|
- |
|
construtiva
|
cis_manager_cms
|
SQL injection vulnerability in default.asp in CIS Manager CMS allows remote attackers to execute arbitrary SQL commands via the TroncoID parameter.
|
CWE-89
SQL Injection
|
CVE-2014-2847
|
2014-04-15 00:15 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259030
|
- |
|
snilesh
|
content_slide
|
Cross-site request forgery (CSRF) vulnerability in the Content Slide plugin 1.4.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin …
|
CWE-352
Origin Validation Error
|
CVE-2013-2708
|
2014-04-14 21:52 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
