|
259621
|
- |
|
franklinfueling
|
ts-550_evo_firmware
ts-550_evo
|
cgi-bin/tsaws.cgi in Franklin Fueling Systems TS-550 evo with firmware 2.0.0.6833 and other versions before 2.4.0 allows remote attackers to discover sensitive information (user names and password ha…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7247
|
2014-01-28 00:57 |
2014-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259622
|
- |
|
tejimaya
|
openpne
|
The "Remember me" feature in the opSecurityUser::getRememberLoginCookie function in lib/user/opSecurityUser.class.php in OpenPNE 3.6.13 before 3.6.13.1 and 3.8.9 before 3.8.9.1 does not properly vali…
|
CWE-20
Improper Input Validation
|
CVE-2013-5350
|
2014-01-25 07:00 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259623
|
- |
|
juniper
|
junos
|
Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0615
|
2014-01-25 04:22 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259624
|
- |
|
juniper
|
junos
|
Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.…
|
CWE-362
Race Condition
|
CVE-2014-0616
|
2014-01-25 04:21 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259625
|
- |
|
thecus
|
n8800_nas_server_firmware
n8800_nas_server
|
The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext credentials for administrative authentication, which allows remote attackers to obtain sensitive information by sniffing the network.
|
CWE-255
Credentials Management
|
CVE-2013-5669
|
2014-01-25 01:27 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259626
|
- |
|
thecus
|
n8800_nas_server_firmware
n8800_nas_server
|
The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator credentials by reading this page's cleartext content.
|
CWE-255
Credentials Management
|
CVE-2013-5668
|
2014-01-25 01:25 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259627
|
- |
|
thecus
|
n8800_nas_server_firmware
n8800_nas_server
|
The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter.
|
CWE-78
OS Command
|
CVE-2013-5667
|
2014-01-25 01:23 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259628
|
- |
|
spice_project
canonical
|
spice
ubuntu_linux
|
The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attack…
|
CWE-399
Resource Management Errors
|
CVE-2013-4130
|
2014-01-24 13:35 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259629
|
- |
|
djvulibre_project
|
djvulibre
|
DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a…
|
CWE-94
Code Injection
|
CVE-2012-6535
|
2014-01-24 13:30 |
2013-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259630
|
- |
|
augeas
|
augeas
|
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup …
|
CWE-22
Path Traversal
|
CVE-2012-6607
|
2014-01-24 13:30 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
