CVE-2014-8322

Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value. (CVSS:7.5) (Concluding Update:2020-02-05)

2020-01-30T20:00:00-05:00January 30th, 2020|Vulnerabilities with Exploits|

CVE-2013-2294

Multiple cross-site scripting (XSS) vulnerabilities in ViewGit before 0.0.7 allow remote repository users to inject arbitrary web script or HTML via a (1) tag name to the Shortlog table in templates/shortlog.php or branch name to the (2) Shortlog table in templates/shortlog.php or (3) Heads table in plates/summary.php. (CVSS:4.3) (Last Update:2020-01-31)

2020-01-29T20:00:00-05:00January 29th, 2020|Vulnerabilities with Exploits|

CVE-2013-2572

A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized accession to CGI files. (CVSS:5.0) (Last Update:2020-01-31)

2020-01-28T20:00:00-05:00January 28th, 2020|Vulnerabilities with Exploits|

CVE-2013-2567

An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 owed to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain easily broken information. (CVSS:5.0) (Final Update:2020-02-01)

2020-01-28T20:00:00-05:00January 28th, 2020|Vulnerabilities with Exploits|

CVE-2015-3154

CRLF injection vulnerability in ZendMail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the header of an email. (CVSS:4.3) (Final Update:2020-01-30)

2020-01-26T20:00:00-05:00January 26th, 2020|HTTP Response Splitting|
Go to Top