| Page(s) : 1 ... 8 9 10 11 12 13 14 15 16 17 [18] 19 20 21 22 23 24 25 26 27 28 ... | Result(s) : 84919 |
Alerts
| Date | Name | Categories | Detail | |
|---|---|---|---|---|
| 7.8 | 2015-01-16 | CVE-2014-5418 | cve | GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware 4.2.1 and earlier and Multilink ML810, ML3000, and ML3100 switches with firmware 5.2.0 and earlier allow re... |
| 6.9 | 2015-01-16 | CVE-2014-2355 | cve | The (1) CimView and (2) CimEdit components in GE Proficy HMI/SCADA-CIMPLICITY 8.2 and earlier allow remote attackers to gain privileges via a crafted CIMPLICITY screen (aka .CIM... |
| 7.5 | 2015-01-16 | CVE-2014-9604 | cve | libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array... |
| 7.5 | 2015-01-16 | CVE-2014-9603 | cve | The vmd_decode function in libavcodec/vmdvideo.c in FFmpeg before 2.5.2 does not validate the relationship between a certain length value and the frame width, which allows remot... |
| 7.5 | 2015-01-16 | CVE-2014-9602 | cve | libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits and words array dimensions that do not satisfy a required mathematical relationship, which allows remote att... |
| 7.5 | 2015-01-16 | DSA-3130 | Debian | lsyncd security update |
| 7.8 | 2015-01-16 | VU#936356 | VU-CERT | Ceragon FiberAir IP-10 Microwave Bridge contains a default root password |
| 5.8 | 2015-01-16 | CVE-2015-1060 | cve | Open redirect vulnerability in lib/Cake/Controller/Controller.php in AdaptCMS 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks... |
| 6.5 | 2015-01-16 | CVE-2015-1059 | cve | Unrestricted file upload vulnerability in admin/files/add in AdaptCMS 3.0.3 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extens... |
| 4.3 | 2015-01-16 | CVE-2015-1058 | cve | Multiple cross-site scripting (XSS) vulnerabilities in AdaptCMS 3.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) data[Category][title] parameter t... |
| 4.3 | 2015-01-16 | CVE-2015-1057 | cve | Cross-site scripting (XSS) vulnerability in usersettings.php in e107 2.0.0 allows remote attackers to inject arbitrary web script or HTML via the "Real Name" value. |
| 4.3 | 2015-01-16 | CVE-2015-1056 | cve | Cross-site scripting (XSS) vulnerability in Brother MFC-J4410DW printer with firmware before L allows remote attackers to inject arbitrary web script or HTML via the url paramet... |
| 7.5 | 2015-01-16 | CVE-2015-1055 | cve | SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the order_by parameter in a GalleryBox ... |
| 3.5 | 2015-01-16 | CVE-2015-1054 | cve | Cross-site scripting (XSS) vulnerability in the Games feature in Crea8Social 2.0 allows remote authenticated users to inject arbitrary web script or HTML via the Game Content fi... |
| 4.3 | 2015-01-16 | CVE-2015-1053 | cve | Cross-site scripting (XSS) vulnerability in the administrative backend in Croogo before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the path paramet... |
| 6.5 | 2015-01-16 | CVE-2015-1029 | cve | The puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x before 4.5.1 for Puppet 2.8.8 and earlier allows remote authenticated users to gain privileges or obtain sen... |
| 5 | 2015-01-16 | CVE-2015-0222 | cve | ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_initial is set to True, allows remote attackers to cause a denial of service by s... |
| 5 | 2015-01-16 | CVE-2015-0221 | cve | The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to ca... |
| 4.3 | 2015-01-16 | CVE-2015-0220 | cve | The django.util.http.is_safe_url function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 does not properly handle leading whitespaces, which allows remote ... |
| 5 | 2015-01-16 | CVE-2015-0219 | cve | Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof WSGI headers by using an _ (underscore) character instead of a - (dash) charac... |
| Page(s) : 1 ... 8 9 10 11 12 13 14 15 16 17 [18] 19 20 21 22 23 24 25 26 27 28 ... | Result(s) : 84919 |
