| apache -- archiva |
Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page. |
2014年04月22日 |
4.3 |
CVE-2013-2187 |
| apple -- apple_tv |
Secure Transport in Apple iOS before 7.1.1, Apple OS X 10.8.x and 10.9.x through 10.9.2, and Apple TV before 6.1.1 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack." |
2014年04月23日 |
6.8 |
CVE-2014-1295 |
| apple -- apple_tv |
CFNetwork in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 does not ensure that a Set-Cookie HTTP header is complete before interpreting the header's value, which allows remote attackers to bypass intended access restrictions by triggering the closing of a TCP connection during transmission of a header, as demonstrated by an HTTPOnly restriction. |
2014年04月23日 |
4.3 |
CVE-2014-1296 |
| apple -- mac_os_x |
Format string vulnerability in CoreServicesUIAgent in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a URL. |
2014年04月23日 |
6.8 |
CVE-2014-1315 |
| apple -- mac_os_x |
Heimdal, as used in Apple OS X through 10.9.2, allows remote attackers to cause a denial of service (abort and daemon exit) via ASN.1 data encountered in the Kerberos 5 protocol. |
2014年04月23日 |
5.0 |
CVE-2014-1316 |
| apple -- mac_os_x |
Buffer overflow in ImageIO in Apple OS X 10.9.x through 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image. |
2014年04月23日 |
6.8 |
CVE-2014-1319 |
| apple -- apple_tv |
IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object. |
2014年04月23日 |
4.9 |
CVE-2014-1320 |
| apple -- mac_os_x |
The kernel in Apple OS X through 10.9.2 places a kernel pointer into an XNU object data structure accessible from user space, which makes it easier for local users to bypass the ASLR protection mechanism by reading an unspecified attribute of the object. |
2014年04月23日 |
4.9 |
CVE-2014-1322 |
| apple -- cups |
Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the is_path_absolute function. |
2014年04月18日 |
4.3 |
CVE-2014-2856 |
| asus -- rt-ac68u |
Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code. |
2014年04月22日 |
6.3 |
CVE-2014-2719 |
| asus -- rt-ac68u |
Cross-site scripting (XSS) vulnerability in Advanced_Wireless_Content.asp in ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote attackers to inject arbitrary web script or HTML via the current_page parameter to apply.cgi. |
2014年04月22日 |
4.3 |
CVE-2014-2925 |
| automattic -- jetpack |
The Jetpack plugin before 1.9 before 1.9.4, 2.0.x before 2.0.9, 2.1.x before 2.1.4, 2.2.x before 2.2.7, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.2, 2.6.x before 2.6.3, 2.7.x before 2.7.2, 2.8.x before 2.8.2, and 2.9.x before 2.9.3 for WordPress does not properly restrict access to the XML-RPC service, which allows remote attackers to bypass intended restrictions and publish posts via unspecified vectors. NOTE: some of these details are obtained from third party information. |
2014年04月22日 |
5.8 |
CVE-2014-0173 |
| cacti -- cacti |
Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users for unspecified commands, as demonstrated by requests that (1) modify binary files, (2) modify configurations, or (3) add arbitrary users. |
2014年04月23日 |
6.8 |
CVE-2014-2327 |
| cacti -- cacti |
lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors. |
2014年04月23日 |
6.5 |
CVE-2014-2328 |
| carbonblack -- carbon_black |
Multiple cross-site request forgery (CSRF) vulnerabilities in Carbon Black before 4.1.0 allow remote attackers to hijack the authentication of administrators for requests that add new administrative users and have other unspecified action, as demonstrated by a request to api/user. |
2014年04月22日 |
6.8 |
CVE-2014-1615 |
| cisco -- ios |
Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376. |
2014年04月23日 |
5.0 |
CVE-2012-0360 |
| cisco -- ios |
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717. |
2014年04月23日 |
5.4 |
CVE-2012-1317 |
| cisco -- asr_1001_router |
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544. |
2014年04月23日 |
6.1 |
CVE-2012-1366 |
| cisco -- ios |
Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193. |
2014年04月23日 |
5.7 |
CVE-2012-3062 |
| cisco -- catalyst_2900 |
Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317. |
2014年04月23日 |
4.3 |
CVE-2012-3918 |
| cisco -- ios |
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682. |
2014年04月24日 |
5.0 |
CVE-2012-3946 |
| cisco -- ios |
Cisco IOS before 15.1(1)SY allows local users to cause a denial of service (device reload) by establishing an outbound SSH session, aka Bug ID CSCto00318. |
2014年04月23日 |
4.9 |
CVE-2012-4638 |
| cisco -- ios |
Cisco IOS before 15.3(2)T, when scansafe is enabled, allows remote attackers to cause a denial of service (latency) via SYN packets that are not accompanied by SYN-ACK packets from the Scan Safe Tower, aka Bug ID CSCub85451. |
2014年04月23日 |
4.3 |
CVE-2012-4651 |
| cisco -- ios |
The ios-authproxy implementation in Cisco IOS before 15.1(1)SY3 allows remote attackers to cause a denial of service (webauth and HTTP service outage) via vectors that trigger incorrectly terminated HTTP sessions, aka Bug ID CSCtz99447. |
2014年04月23日 |
5.0 |
CVE-2012-4658 |
| cisco -- ios |
Cisco IOS before 15.1(2)SY allows remote authenticated users to cause a denial of service (device crash) by establishing an SSH session from a client and then placing this client into a (1) slow or (2) idle state, aka Bug ID CSCto87436. |
2014年04月23日 |
6.3 |
CVE-2012-5014 |
| cisco -- asr_1001_router |
Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268. |
2014年04月23日 |
6.8 |
CVE-2012-5017 |
| cisco -- ios |
The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation in Cisco IOS before 15.1(1)SY3 does not require authentication, which allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination, or the discarding of this traffic, by arranging for an arbitrary device to become a cluster member, aka Bug ID CSCub93641. |
2014年04月23日 |
6.4 |
CVE-2012-5032 |
| cisco -- ios |
Cisco IOS before 12.2(50)SY1 allows remote authenticated users to cause a denial of service (memory consumption) via a sequence of VTY management sessions (aka exec sessions), aka Bug ID CSCtn43662. |
2014年04月23日 |
6.8 |
CVE-2012-5036 |
| cisco -- catalyst_6500 |
The ACL implementation in Cisco IOS before 15.1(1)SY on Catalyst 6500 and 7600 devices allows local users to cause a denial of service (device reload) via a "no object-group" command followed by an object-group command, aka Bug ID CSCts16133. |
2014年04月23日 |
4.6 |
CVE-2012-5037 |
| cisco -- ios |
The BGP Router process in Cisco IOS before 12.2(50)SY1 allows remote attackers to cause a denial of service (memory consumption) via vectors involving BGP path attributes, aka Bug ID CSCsw63003. |
2014年04月23日 |
4.3 |
CVE-2012-5039 |
| cisco -- ios |
Cisco IOS before 15.3(1)T, when media flow-around is not used, allows remote attackers to cause a denial of service (media loops and stack memory corruption) via VoIP traffic, aka Bug ID CSCub45809. |
2014年04月23日 |
5.4 |
CVE-2012-5044 |
| cisco -- as5400_universal_gateway |
Unspecified vulnerability in Cisco IOS before 15.3(2)T on AS5400 devices allows remote authenticated users to cause a denial of service (spurious errors) via unknown vectors, aka Bug ID CSCub61009. |
2014年04月23日 |
6.8 |
CVE-2012-5422 |
| cisco -- ios |
Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug ID CSCuc42518. |
2014年04月23日 |
4.0 |
CVE-2012-5427 |
| cisco -- asr_1001_router |
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948. |
2014年04月24日 |
6.1 |
CVE-2012-5723 |
| cisco -- adaptive_security_appliance_software |
Memory leak in the SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (memory consumption and instability) via crafted SIP packets, aka Bug ID CSCuf67469. |
2014年04月23日 |
5.0 |
CVE-2014-2154 |
| cisco -- cns_network_registrar |
The DHCPv6 server module in Cisco CNS Network Registrar 7.1 allows remote attackers to cause a denial of service (daemon reload) via a malformed DHCPv6 packet, aka Bug ID CSCuo07437. |
2014年04月19日 |
5.0 |
CVE-2014-2155 |
| craig_knudsen -- webcalendar |
Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the Category Name field to category.php. |
2014年04月22日 |
4.3 |
CVE-2013-1421 |
| cubecart -- cubecart |
Session fixation vulnerability in CubeCart before 5.2.9 allows remote attackers to hijack web sessions via the PHPSESSID parameter. |
2014年04月22日 |
6.8 |
CVE-2014-2341 |
| cybozu -- remote_service_manager |
Session fixation vulnerability in the management screen in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to hijack web sessions via unspecified vectors. |
2014年04月19日 |
6.8 |
CVE-2014-1984 |
| ddsn -- cm3_acora_content_management_system |
Multiple cross-site scripting (XSS) vulnerabilities in Admin/login/default.asp in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) url, (3) qstr parameter. |
2014年04月25日 |
4.3 |
CVE-2013-4722 |
| ddsn -- cm3_acora_content_management_system |
Open redirect vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the l parameter to track.aspx. |
2014年04月25日 |
5.8 |
CVE-2013-4723 |
| ddsn -- cm3_acora_content_management_system |
Cross-site request forgery (CSRF) vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. |
2014年04月25日 |
6.8 |
CVE-2013-4726 |
| debian -- ppthtml |
Heap-based buffer overflow in the __OLEdecode function in ppthtml 0.5.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .ppt file. |
2014年04月25日 |
6.8 |
CVE-2013-4565 |
| digium -- asterisk |
The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, when qualify_frequency "is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS request," allows remote attackers to cause a denial of service (crash) via a PJSIP endpoint that does not have an associated outgoing request. |
2014年04月18日 |
4.3 |
CVE-2014-2288 |
| djangoproject -- django |
The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Python modules by leveraging a view that constructs URLs using user input and a "dotted Python path." |
2014年04月23日 |
5.1 |
CVE-2014-0472 |
| djangoproject -- django |
The caching framework in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 reuses a cached CSRF token for all anonymous users, which allows remote attackers to bypass CSRF protections by reading the CSRF cookie for anonymous users. |
2014年04月23日 |
5.0 |
CVE-2014-0473 |
| drupal -- drupal |
Drupal 6.x before 6.31 and 7.x before 7.27 does not properly isolate the cached data of different anonymous users, which allows remote anonymous users to obtain sensitive interim form input information in opportunistic situations via unspecified vectors. |
2014年04月23日 |
4.3 |
CVE-2014-2983 |
| gilles_lamiral -- imapsync |
imapsync 1.564 and earlier performs a release check by default, which sends sensitive information (imapsync, operating system, and Perl version) to the developer's site. |
2014年04月18日 |
5.0 |
CVE-2013-4279 |
| gilles_lamiral -- imapsync |
imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network. |
2014年04月18日 |
4.3 |
CVE-2014-2014 |
| haxx -- curl |
curl and libcurl 7.27.0 through 7.35.0, when runnning on Windows and using the SChannel/Winssl TLS backend, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when accessing a URL that uses a numerical IP address, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate. |
2014年04月18日 |
4.0 |
CVE-2014-2522 |
| hp -- database_and_middleware_automation |
Unspecified vulnerability in HP Database and Middleware Automation 10.0, 10.01, 10.10, and 10.20 before 10.20.100 allows remote authenticated users to obtain sensitive information via unknown vectors. |
2014年04月19日 |
6.5 |
CVE-2013-6212 |
| hp -- universal_configuration_management_database |
Unspecified vulnerability in the Integration Service in HP Universal Configuration Management Database 9.05, 10.01, and 10.10 allows remote authenticated users to obtain sensitive information via unknown vectors, aka ZDI-CAN-2042. |
2014年04月19日 |
4.0 |
CVE-2013-6214 |
| ibm -- rational_software_architect_design_manager |
Unspecified vulnerability in IBM Rational Software Architect (RSA) Design Manager and Rational Rhapsody Design Manager 3.x through 3.0.1 and 4.x before 4.0.6 allows remote authenticated users to modify data by leveraging improper parameter checking. |
2014年04月21日 |
5.5 |
CVE-2013-5459 |
| ibm -- smartcloud_analytics_log_analysis |
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint. |
2014年04月24日 |
4.3 |
CVE-2013-6738 |
| ibm -- lotus_domino |
IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by leveraging the absence of the NX protection mechanism and placing crafted x86 code on the stack, aka SPR KLYH9GGS9W. |
2014年04月23日 |
5.0 |
CVE-2014-0892 |
| joomlaboat -- com_youtubegallery |
Cross-site scripting (XSS) vulnerability in includes/flvthumbnail.php in the Youtube Gallery (com_youtubegallery) component 3.4.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the videofile parameter. |
2014年04月25日 |
4.3 |
CVE-2013-5956 |
| json-c_project -- json-c |
Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service via unspecified vectors. |
2014年04月22日 |
5.0 |
CVE-2013-6370 |
| json-c_project -- json-c |
The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions. |
2014年04月22日 |
5.0 |
CVE-2013-6371 |
| lennart_poettering -- systemd |
The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/. |
2014年04月18日 |
6.3 |
CVE-2012-0871 |
| lyesoft -- andexplorer |
Directory traversal vulnerability in the LYSESOFT AndExplorer application before 20140403 and AndExplorerPro application before 20140405 for Android allows attackers to overwrite or create arbitrary files via unspecified vectors. |
2014年04月19日 |
6.4 |
CVE-2014-1974 |
| mediawiki -- mediawiki |
includes/specials/SpecialChangePassword.php in MediaWiki before 1.19.14, 1.20.x and 1.21.x before 1.21.8, and 1.22.x before 1.22.5 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account, as demonstrated by tracking the victim's activity, related to a "login CSRF" issue. |
2014年04月19日 |
4.0 |
CVE-2014-2665 |
| microsoft -- iis |
CRLF injection vulnerability in the CGI implementation in Microsoft Internet Information Services (IIS) 4.x and 5.x on Windows NT and Windows 2000 allows remote attackers to modify arbitrary uppercase environment variables via a \n (newline) character in an HTTP header. |
2014年04月23日 |
6.4 |
CVE-2011-5279 |
| mobfox -- madserve |
Multiple SQL injection vulnerabilities in MobFox mAdserve 2.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) edit_ad_unit.php, (2) view_adunits.php, or (3) edit_campaign.php in www/cp/. |
2014年04月22日 |
6.5 |
CVE-2014-2654 |
| mozilla -- bugzilla |
The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before 4.5.3 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account and then submit a vulnerability report, related to a "login CSRF" issue. |
2014年04月19日 |
4.0 |
CVE-2014-1517 |
| open-xchange -- open-xchange_appsuite |
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potentially useful password-pattern information by reading (1) a web-server access log, (2) a web-server Referer log, or (3) browser history that contains this string because of its presence in a GET request. |
2014年04月24日 |
4.3 |
CVE-2014-2391 |
| open-xchange -- open-xchange_appsuite |
The E-Mail autoconfiguration feature in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 places a password in a GET request, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history. |
2014年04月24日 |
4.3 |
CVE-2014-2392 |
| open-xchange -- open-xchange_appsuite |
Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite 7.4.1 before 7.4.1-rev11 and 7.4.2 before 7.4.2-rev13 allows remote attackers to inject arbitrary web script or HTML via a Drive filename that is not properly handled during use of the composer to add an e-mail attachment. |
2014年04月24日 |
4.3 |
CVE-2014-2393 |
| openx -- openx |
Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.11 and earlier allow remote attackers to hijack the authentication of administrators for requests that delete (1) users via admin/agency-user-unlink.php, (2) advertisers via admin/advertiser-delete.php, (3) banners via admin/banner-delete.php, (4) campaigns via admin/campaign-delete.php, (5) channels via admin/channel-delete.php, (6) affiliate websites via admin/affiliate-delete.php, or (7) zones via admin/zone-delete.php. |
2014年04月25日 |
6.8 |
CVE-2013-5954 |
| otrs -- otrs |
OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element. |
2014年04月23日 |
4.3 |
CVE-2014-2554 |
| papercut -- papercut_mf |
Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors. |
2014年04月22日 |
6.8 |
CVE-2014-2659 |
| phpfox -- phpfox |
PHPFox 3.7.3 and 3.7.4 allows remote authenticated users to bypass intended "Only Me" restrictions and "like" a publication via a request that specifies the ID for the publication. |
2014年04月18日 |
5.5 |
CVE-2013-7195 |
| phpfox -- phpfox |
static/ajax.php in PHPFox 3.7.3, 3.7.4, and 3.7.5 allows remote authenticated users to bypass intended "Only Me" restrictions and comment on a private publication via a request with a modified val[item_id] parameter for the publication. |
2014年04月18日 |
5.5 |
CVE-2013-7196 |
| pimcore -- pimcore |
The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Newsletter module in pimcore 1.4.9 through 2.1.0 does not properly handle an object obtained by unserializing a pathname, which allows remote attackers to conduct PHP object injection attacks and delete arbitrary files via vectors involving a Zend_Http_Response_Stream object. |
2014年04月21日 |
6.4 |
CVE-2014-2922 |
| progea -- movicon |
The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651. |
2014年04月19日 |
5.0 |
CVE-2014-0778 |
| qemu -- qemu |
Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow. |
2014年04月18日 |
4.9 |
CVE-2014-0150 |
| redhat -- jboss_fuse_service_works |
JBoss Overlord Run Time Governance (RTGov) 1.0 for JBossAS allows remote authenticated users to execute arbitrary Java code via an MVFLEX _expression_ Language (MVEL) _expression_. NOTE: some of these details are obtained from third party information. |
2014年04月22日 |
6.5 |
CVE-2013-6469 |
| remote-rac -- rac_server |
PCNetSoftware RAC Server 4.0.4 and 4.0.5 allows local users to cause a denial of service (disabled keyboard or crash) via a large input buffer to unspecified IOCTL requests in RACDriver.sys, which triggers a buffer over-read. |
2014年04月18日 |
4.9 |
CVE-2014-2597 |
| ruby-lang -- ruby |
The openssl extension in Ruby 2.x does not properly maintain the state of process memory after a file is reopened, which allows remote attackers to spoof signatures within the context of a Ruby script that attempts signature verification after performing a certain sequence of filesystem operations. |
2014年04月24日 |
5.8 |
CVE-2014-2734 |
| samba -- rsync |
The check_secret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a user name which does not exist in the secrets file. |
2014年04月23日 |
5.0 |
CVE-2014-2855 |
| siege -- phpmyid |
Cross-site scripting (XSS) vulnerability in the wrap_html function in MyID.php in phpMyID 0.9 allows remote attackers to inject arbitrary web script or HTML via the openid_error parameter to MyID.config.php when the openid.mode parameter is set to error, which is not properly handled in an error message. |
2014年04月22日 |
4.3 |
CVE-2014-2890 |
| siemens -- sinema_server |
Multiple directory traversal vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to access arbitrary files via HTTP traffic to port (1) 4999 or (2) 80. |
2014年04月19日 |
5.0 |
CVE-2014-2732 |
| siemens -- sinema_server |
Siemens SINEMA Server before 12 SP1 allows remote attackers to cause a denial of service (web-interface outage) via crafted HTTP requests to port (1) 4999 or (2) 80. |
2014年04月19日 |
5.0 |
CVE-2014-2733 |
| siemens -- simatic_s7_cpu-1211c |
Cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
2014年04月25日 |
4.3 |
CVE-2014-2908 |
| siemens -- simatic_s7_cpu-1211c |
CRLF injection vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary HTTP headers via unspecified vectors. |
2014年04月25日 |
5.8 |
CVE-2014-2909 |
| sixnet -- sixview_manager |
Directory traversal vulnerability in Sixnet SixView Manager 2.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request to TCP port 18081. |
2014年04月23日 |
5.0 |
CVE-2014-2976 |
| symantec -- messaging_gateway |
Cross-site scripting (XSS) vulnerability in brightmail/setting/compliance/DlpConnectFlow$view.flo in the management console in Symantec Messaging Gateway 10.x before 10.5.2 allows remote attackers to inject arbitrary web script or HTML via the displayTab parameter. |
2014年04月23日 |
4.3 |
CVE-2014-1648 |
| tinymce -- tinymce |
The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyMCE security policy for the (1) encoding directive and (2) valid_elements attribute, which allows attackers to conduct cross-site scripting (XSS) attacks via application-specific vectors, as demonstrated using a textarea element. |
2014年04月25日 |
4.3 |
CVE-2012-4230 |
| toshibatec -- e-studio-232 |
Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the authentication of administrators for requests that change passwords. |
2014年04月19日 |
6.8 |
CVE-2014-1990 |
| ushahidi -- ushahidi_platform |
Cross-site scripting (XSS) vulnerability in Ushahidi Platform 2.5.x through 2.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
2014年04月25日 |
4.3 |
CVE-2013-2025 |
| vtiger -- vtiger_crm |
modules/Users/ForgotPassword.php in vTiger 6.0 before Security Patch 2 allows remote attackers to reset the password for arbitrary users via a request containing the username, password, and confirmPassword parameters. |
2014年04月22日 |
6.4 |
CVE-2014-2269 |
| winscp -- winscp |
WinSCP before 5.5.3, when FTP with TLS is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. |
2014年04月22日 |
5.8 |
CVE-2014-2735 |
| wireshark -- wireshark |
The srtp_add_address function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. |
2014年04月24日 |
4.3 |
CVE-2014-2907 |
| xen -- xen |
Xen 4.4.x, when running on ARM systems, does not properly restrict access to hardware features, which allows local guest users to cause a denial of service (host or guest crash) via unspecified vectors, related to (1) cache control, (2) coprocessors, (3) debug registers, and (4) other unspecified registers. |
2014年04月24日 |
5.5 |
CVE-2014-2915 |
| yassl -- cyassl |
wolfSSL CyaSSL before 2.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via (1) a request for the peer certificate when a certificate parsing failure occurs or (2) a client_key_exchange message when the ephemeral key is not found. |
2014年04月22日 |
5.0 |
CVE-2014-2899 |
| yassl -- cyassl |
wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certificates with unknown critical extensions, which allows man-in-the-middle attackers to spoof servers via crafted X.509 certificate. |
2014年04月22日 |
5.8 |
CVE-2014-2900 |