Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2014-04-12 CVE-2013-6216 Privilege Escalation vulnerability in Multiple HP Products
Unspecified vulnerability in HP Array Configuration Utility, Array Diagnostics Utility, ProLiant Array Diagnostics, and SmartSSD Wear Gauge Utility 9.40 and earlier allows local users to gain privileges via unknown vectors.
local
low complexity
hp
2.1
2014-04-12 CVE-2013-2828 Improper Input Validation vulnerability in OSIsoft PI Interface
The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for DNP3 allows physically proximate attackers to cause a denial of service (interface shutdown) via crafted input over a serial line.
local
osisoft CWE-20
4.7
2014-04-12 CVE-2013-2809 Improper Input Validation vulnerability in OSIsoft PI Interface
The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for DNP3 allows remote attackers to cause a denial of service (interface shutdown) via a crafted TCP packet.
network
osisoft CWE-20
7.1
2014-04-11 CVE-2014-1210 Cryptographic Issues vulnerability in VMware vSphere Client 5.0/5.1
VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
network
vmware CWE-310
5.8
2014-04-11 CVE-2014-1209 Improper Input Validation vulnerability in VMware vSphere Client
VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution of an arbitrary program via unspecified vectors.
network
vmware CWE-20
critical
9.3
2014-04-11 CVE-2014-0636 Cryptographic Issues vulnerability in Dell BSAFE Micro Edition Suite
EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x before 4.0.5 does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate chain.
network
dell CWE-310
5.8
2014-04-11 CVE-2014-1969 Path Traversal vulnerability in Apps4U@Android SD Card Manager 20140223
Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename.
5.8
2014-04-11 CVE-2014-0777 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in IOServer OPC Server and OPC Drivers
The Modbus slave/outstation driver in the OPC Drivers 1.0.20 and earlier in IOServer OPC Server allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted packet.
network
low complexity
ioserver CWE-119
7.8
2014-04-11 CVE-2014-2850 OS Command Injection vulnerability in Sophos Web Appliance and Web Appliance Firmware
The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address parameter.
network
sophos CWE-78
8.5
2014-04-11 CVE-2014-2849 Permissions, Privileges, and Access Controls vulnerability in Sophos Web Appliance and Web Appliance Firmware
The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request.
network
low complexity
sophos CWE-264
8.5