| Page(s) : 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 16 17 ... | Result(s) : 68966 |
Alerts
| Date | Name | Categories | Detail | |
|---|---|---|---|---|
| 7.5 | 2015-02-19 | CVE-2015-1587 | cve | Unrestricted file upload vulnerability in file_to_index.php in Maarch LetterBox 2.8 and earlier and GEC/GED 1.4 and earlier allows remote attackers to execute arbitrary PHP code... |
| 6.8 | 2015-02-19 | CVE-2015-1585 | cve | Fat Free CRM before 0.13.6 allows remote attackers to conduct cross-site request forgery (CSRF) attacks via a request without the authenticity_token, as demonstrated by a crafte... |
| 7.2 | 2015-02-19 | CVE-2015-1515 | cve | The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a cra... |
| 1.9 | 2015-02-19 | CVE-2015-1197 | cve | cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive. |
| 6.8 | 2015-02-19 | CVE-2014-9679 | cve | Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed rast... |
| 4.3 | 2015-02-19 | CVE-2014-9468 | cve | Multiple cross-site scripting (XSS) vulnerabilities in InstantASP InstantForum.NET 4.1.3, 4.1.2, 4.1.1, 4.0.0, 4.1.0, and 3.4.0 allow remote attackers to inject arbitrary web sc... |
| 5 | 2015-02-19 | CVE-2014-9465 | cve | senddocument.php in Zarafa WebApp before 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x before 7.1.12 beta 1 and 7.2.x before 7.2.0 beta 1 allows remote att... |
| 4.3 | 2015-02-19 | CVE-2014-8690 | cve | Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS before 2.1.4 patch 6, 2.2.x before 2.2.3 patch 9, and 2.3.x before 2.3.1 patch 4 allow remote attackers to in... |
| 10 | 2015-02-19 | CVE-2014-8165 | cve | scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted seriali... |
| 2.1 | 2015-02-19 | CVE-2014-1832 | cve | Phusion Passenger 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file. NOTE: this vul... |
| 2.1 | 2015-02-19 | CVE-2014-1831 | cve | Phusion Passenger before 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file. |
| 5 | 2015-02-19 | CVE-2012-6687 | cve | FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause a denial of service (segmentation fault and crash) via a large number of connections. |
| 5 | 2015-02-19 | CVE-2014-9423 | cve | The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmi... |
| 6.1 | 2015-02-19 | CVE-2014-9422 | cve | The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows rem... |
| 9 | 2015-02-19 | CVE-2014-9421 | cve | The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly... |
| 5 | 2015-02-19 | CVE-2014-6304 | cve | The Form Controls CSS file in PNMsoft Sequence Kinetics before 7.7 allows remote attackers to obtain sensitive source-code information via unspecified vectors. |
| 5 | 2015-02-19 | CVE-2014-6303 | cve | The Monitoring Administration pages in PNMsoft Sequence Kinetics before 7.7 do not properly detect recursion during entity expansion, which allows remote attackers to cause a de... |
| 5 | 2015-02-19 | CVE-2014-6302 | cve | The Monitoring Administration pages in PNMsoft Sequence Kinetics before 7.7 allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction ... |
| 4.3 | 2015-02-19 | CVE-2014-6301 | cve | Multiple cross-site scripting (XSS) vulnerabilities in the tables-management module in PNMsoft Sequence Kinetics before 7.7 allow remote attackers to inject arbitrary web script... |
| 9 | 2015-02-19 | CVE-2014-5352 | cve | The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through ... |
| Page(s) : 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 16 17 ... | Result(s) : 68966 |
