259531
|
- |
|
cisco
|
unified_communications_manager
|
Cisco Unified Communications Manager (UCM) does not require authentication for reading WAR files, which allows remote attackers to obtain sensitive information via unspecified access to a "file stora…
|
CWE-287
Improper Authentication
|
CVE-2014-0725
|
2014-02-13 23:11 |
2014-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259532
|
- |
|
cisco
|
unified_communications_manager
|
The log4jinit web application in Cisco Unified Communications Manager (UCM) does not properly validate authentication, which allows remote attackers to cause a denial of service (performance degradat…
|
CWE-287
Improper Authentication
|
CVE-2014-0722
|
2014-02-13 23:08 |
2014-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259533
|
- |
|
extended_module_player_project
|
extended_module_player
|
Buffer overflow in the get_dsmp function in loaders/masi_load.c in libxmp before 4.1.0 allows remote attackers to execute arbitrary code via a crafted MASI file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1980
|
2014-02-12 23:09 |
2014-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259534
|
- |
|
i-doit
|
i-doit
|
Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote …
|
CWE-79
Cross-site Scripting
|
CVE-2013-1413
|
2014-02-12 22:55 |
2014-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259535
|
- |
|
fortinet
|
fortios
|
Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0.5 allows remote attackers to inject arbitrary web script or HTML via the mkey parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7182
|
2014-02-12 13:50 |
2014-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259536
|
- |
|
torproject
|
tor
|
Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) rel…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7295
|
2014-02-12 13:50 |
2014-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259537
|
- |
|
ruby-lang
|
ruby
|
Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4466
|
2014-02-12 13:39 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259538
|
- |
|
nicolas_cannasse
|
ocaml_xml-light_library
|
OCaml Xml-Light Library before r234 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service …
|
CWE-310
Cryptographic Issues
|
CVE-2012-3514
|
2014-02-12 13:38 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259539
|
- |
|
andy_armstrong
|
cgi.pm
|
Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists…
|
NVD-CWE-noinfo
|
CVE-2010-4411
|
2014-02-12 13:24 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259540
|
- |
|
apache
|
wicket
|
Unspecified vulnerability in Apache Wicket 1.4.x before 1.4.23, 1.5.x before 1.5.11, and 6.x before 6.8.0 allows remote attackers to obtain sensitive information via vectors that cause raw HTML templ…
|
NVD-CWE-noinfo
|
CVE-2013-2055
|
2014-02-12 05:14 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|