CVE-2014-2464

Technical details about CVE-2014-2464 are not publicly available in the provided documents. Monitor for updates in the sources you’ve shared; no explicit affected product versions, root cause, impact, or fixes are disclosed here.

CVE-2014-2466

CVE-2014-2466 concerns the Oracle Agile PLM Framework within Oracle Supply Chain Products Suite 9.3.3. The description states an unspecified vulnerability allowing remote authenticated users to affect confidentiality via unknown vectors. The CVSS2 base score is 2.1 (Low) with partial confidential...

CVE-2014-2467

CVE-2014-2467 is described as an unspecified vulnerability in the Oracle Agile PLM Framework component of Oracle Supply Chain Products Suite 9.3.3. The connected documents do not provide concrete technical details (affected component/version, root cause, impact or remediation). Monitor for updates.

Fedora Update for php-ZendFramework2 FEDORA-2014-4612

Check for the Version of php-ZendFramework2 OpenVAS Vulnerability Test Fedora Update for php-ZendFramework2 FEDORA-2014-4612 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

FreePBX Framework Module view.functions.php Remote Code Execution

Added: 04/03/2014 CVE: CVE-2014-1903 BID: 65509 OSVDB: 103240 Background FreePBX is an open source telephony front-end, which has an easy to use graphical user interface that controls and manages Asterisk. Problem The Framework module of FreePBX is vulnerable to remote code execution as a result ...

FreePBX Framework Module view.functions.php Remote Code Execution

Added: 04/03/2014 CVE: CVE-2014-1903 BID: 65509 OSVDB: 103240 Background FreePBX is an open source telephony front-end, which has an easy to use graphical user interface that controls and manages Asterisk. Problem The Framework module of FreePBX is vulnerable to remote code execution as a result ...

Design/Logic Flaw

The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the formvars form...

CVE-2014-1691

The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the formvars form...

FreePBX Framework模块admin/libraries/view.functions.php远程代码执行漏洞

CVE ID:CVE-2014-1903 FreePBX是开源Web PBX解决方案。 FreePBX admin/libraries/view.functions.php没有限制API处理程序可访问的函数集，这可使远程攻击者通过 admin/config.php 的函数和参数，利用此漏洞执行任意PHP代码。 0 FreePBX 2.9 目前厂商已经发布了升级补丁以修复漏洞，请下载使用： http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice...

[DNmap] Distributed Nmap Framwork

DNmap is a distributed nmap framwork using a client/server architecture. The server reads the commands from a file and send them to each client. The client execute the nmap command and send the results back. Download DNmap...

MantisBT Admin SQL Injection Arbitrary File Read

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "MantisBT Admin SQ...

Potential XSS vector in multiple view helpers

More info at https://framework.zend.com/security/advisory/ZF2014-03...

OWASP Xenotix XSS Exploit Framework v5

OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting XSS vulnerability detection and exploitation framework. It provides Zero False Positive scan results with its unique Triple Browser Engine Trident, WebKit, and Gecko embedded scanner. It is claimed to have the world’s 2nd...

Directory traversal

The charting component in IBM WebSphere Dashboard Framework WDF 6.1.5 and 7.0.1 allows remote attackers to view or delete image files by leveraging incorrect security constraints for a temporary directory...

CVE-2013-7299

framework/common/messageheaderparser.cpp in Tntnet before 2.2.1 allows remote attackers to obtain sensitive information via a header that ends in \n instead of \r\n, which prevents a null terminator from being added and causes Tntnet to include headers from other requests...

[MIDAS] Mac Intrusion Detection Analysis System

MIDAS is a framework for developing a Mac Intrusion Detection Analysis System, based on work and collaborative discussions between the Etsy and Facebook security teams. This repository provides a modular framework and a number of helper utilities, as well as an example module for detecting...

CVE-2013-5452

IBM FileNet Business Process Framework 4.1.0 allows remote authenticated users to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

[SECURITY] [DSA 2815-1] munin security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2815-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 09, 2013 http://www.debian.org/security/faq -...

[SECURITY] Fedora 18 Update: php-symfony2-HttpKernel-2.2.10-1.fc18

HttpKernel provides the building blocks to create flexible and fast HTTP-based frameworks. It takes a Request as an input and should return a Response as an output. Using this interface makes your code compatible with all frameworks using the Symfony2 components. And this will give you many cool...

OWASP Xenotix XSS Exploit Framework v4.5

Version 4.5 Additions JavaScript Beautifier Pause and Resume support for Scan Jump to Payload Cookie Support for POST Request Cookie Support and Custom Headers for Header Scanner Added TRACE method Support Improved Interface Better Proxy Support WAF Fingerprinting Load Files Hash Calculator Hash...