|
289741
|
- |
|
sitepark
|
information_enterprise_server
|
Sitepark Information Enterprise Server (IES) 2.9 before 2.9.6, when upgraded from an earlier version, does not properly restrict access, which allows remote attackers to change the manager account pa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3006
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289742
|
- |
|
freebsd
|
freebsd
|
The device file system (aka devfs) in FreeBSD 10.0 before p2 does not load default rulesets when booting, which allows context-dependent attackers to bypass intended restrictions by leveraging a jail…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3001
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289743
|
- |
|
freebsd
|
freebsd
|
The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote attackers to cause a denial of service (undefi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3000
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289744
|
- |
|
fishshell
|
fish
|
fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user per…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2905
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289745
|
- |
|
unitrends
|
enterprise_backup
|
recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to bypass authentication by setting the auth parameter to a certain string.
|
CWE-287
Improper Authentication
|
CVE-2014-3139
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289746
|
- |
|
xerox
|
docushare
|
SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 Hotfix 2, 6.6.1 Update 1 before Hotfix 24, and 6.6.1 Update 2 before Hotfix 3 allows remote authenticated users to execute arbitrary…
|
CWE-89
SQL Injection
|
CVE-2014-3138
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289747
|
- |
|
citrix
|
netscaler_access_gateway_firmware
netscaler_application_delivery_controller_firmware
netscaler_access_gateway
netscaler_application_delivery_controller
|
Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and …
|
NVD-CWE-noinfo
|
CVE-2014-2882
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289748
|
- |
|
citrix
|
netscaler_access_gateway_firmware
netscaler_application_delivery_controller_firmware
netscaler_application_delivery_controller
netscaler_access_gateway
|
Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9…
|
NVD-CWE-noinfo
|
CVE-2014-2881
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289749
|
- |
|
vbulletin
|
vbulletin
|
Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 5.1.1 Alpha 9 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to privatemessage/new/, (2) the fold…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3135
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289750
|
- |
|
sap
|
businessobjects
|
Cross-site scripting (XSS) vulnerability in the InfoView application in SAP BusinessObjects allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3134
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
