|
259081
|
- |
|
checkpoint
|
security_gateway
|
Multiple unspecified vulnerabilities in Check Point Security Gateway 80 R71.x before R71.45 (730159141) and R75.20.x before R75.20.4 and 600 and 1100 appliances R75.20.x before R75.20.42 have unknown…
|
NVD-CWE-noinfo
|
CVE-2013-7350
|
2014-04-2 00:19 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259082
|
- |
|
redhat
|
jboss_operations_network
|
Red Hat JBoss Operations Network (JON) before 3.0.1 uses 0777 permissions for the root directory when installing a remote client, which allows local users to read or modify subdirectories and files w…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0032
|
2014-04-1 23:40 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259083
|
- |
|
redhat
|
jboss_operations_network
|
Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly enforce "modify resource" permissions for remote authenticated users when deleting a plug-in configuration update from the group …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4573
|
2014-04-1 23:38 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259084
|
- |
|
emc
|
vplex_geosynchrony
|
Session fixation vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2014-0635
|
2014-04-1 23:16 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259085
|
- |
|
emc
|
vplex_geosynchrony
|
EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote attackers to obtain potentially sen…
|
CWE-20
Improper Input Validation
|
CVE-2014-0634
|
2014-04-1 23:14 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259086
|
- |
|
emc
|
vplex_geosynchrony
|
The GUI in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not properly validate session-timeout values, which might make it easier for remote attackers to execute arbitrary code by leveraging an …
|
CWE-20
Improper Input Validation
|
CVE-2014-0633
|
2014-04-1 23:13 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259087
|
- |
|
sonatype
|
nexus
|
Unspecified vulnerability in Sonatype Nexus OSS and Pro 2.4.0 through 2.7.1 allows attackers to create arbitrary user accounts via unknown vectors related to "an unauthenticated execution path."
|
NVD-CWE-noinfo
|
CVE-2014-2034
|
2014-04-1 21:55 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259088
|
- |
|
jgaa
|
warftpd
|
Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when running as a Windows service, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unk…
|
NVD-CWE-noinfo
|
CVE-2013-2278
|
2014-04-1 20:13 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259089
|
- |
|
jgaa
|
warftpd
|
Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated users to cause a denial of service (crash) via format string specifiers in a LIST command.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2009-5141
|
2014-04-1 20:07 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259090
|
- |
|
freetype
canonical
|
freetype
ubuntu_linux
|
The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to c…
|
CWE-20
Improper Input Validation
|
CVE-2014-2241
|
2014-04-1 15:29 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
