|
290261
|
- |
|
wireshark
|
wireshark
|
epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a deni…
|
NVD-CWE-Other
|
CVE-2014-2283
|
2024-11-21 11:05 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290262
|
- |
|
wireshark
|
wireshark
|
The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2282
|
2024-11-21 11:05 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290263
|
- |
|
wireshark
|
wireshark
|
The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which all…
|
CWE-20
Improper Input Validation
|
CVE-2014-2281
|
2024-11-21 11:05 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290264
|
- |
|
opendocman
|
opendocman
|
SQL injection vulnerability in ajax_udf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL commands via the add_value parameter.
|
CWE-89
SQL Injection
|
CVE-2014-1945
|
2024-11-21 11:05 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290265
|
- |
|
ilch
|
ilch_cms
|
Cross-site scripting (XSS) vulnerability in Ilch CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the text parameter to index.php/guestbook/index/newentry.
|
CWE-79
Cross-site Scripting
|
CVE-2014-1944
|
2024-11-21 11:05 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290266
|
- |
|
gnu
|
gnutls
|
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1959
|
2024-11-21 11:05 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290267
|
- |
|
videowhisper
|
live_streaming_integration_plugin
|
Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to (1) read arbitrary files via a .. (dot dot) in…
|
CWE-22
Path Traversal
|
CVE-2014-1907
|
2024-11-21 11:05 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290268
|
- |
|
videowhisper
|
live_streaming_integration_plugin
|
Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1906
|
2024-11-21 11:05 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290269
|
- |
|
foscam
|
fi8919w_firmware
fi8919w
|
The Foscam FI8910W camera with firmware before 11.37.2.55 allows remote attackers to obtain sensitive video and image data via a blank username and password.
|
CWE-287
Improper Authentication
|
CVE-2014-1911
|
2024-11-21 11:05 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290270
|
- |
|
cmsmadesimple
|
cms_made_simple
|
SQL injection vulnerability in the News module in CMS Made Simple (CMSMS) before 1.11.10 allows remote authenticated users with the "Modify News" permission to execute arbitrary SQL commands via the …
|
CWE-89
SQL Injection
|
CVE-2014-2245
|
2024-11-21 11:05 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
