|
289761
|
- |
|
pythonware
python
|
python_imaging_library
pillow
|
Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possib…
|
CWE-78
OS Command
|
CVE-2014-3007
|
2024-11-21 11:07 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289762
|
- |
|
acunetix
|
web_vulnerability_scanner
|
Stack-based buffer overflow in Acunetix Web Vulnerability Scanner (WVS) 8 build 20120704 allows remote attackers to execute arbitrary code via an HTML file containing an IMG element with a long URL (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2994
|
2024-11-21 11:07 |
2014-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289763
|
- |
|
linux
|
linux_kernel
|
Off-by-one error in the bpf_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 3.1.8, when BPF JIT is enabled, allows local users to cause a denial of service (system cras…
|
CWE-189
Numeric Errors
|
CVE-2014-2889
|
2024-11-21 11:07 |
2014-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289764
|
- |
|
birebin
|
birebin.com_app
|
The Birebin.com application for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted c…
|
CWE-310
Cryptographic Issues
|
CVE-2014-2993
|
2024-11-21 11:07 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289765
|
- |
|
misli
|
misli.com_app
|
The Misli.com application for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted cer…
|
CWE-310
Cryptographic Issues
|
CVE-2014-2992
|
2024-11-21 11:07 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289766
|
- |
|
xcloner
|
xcloner
|
XCloner Standalone 3.5 and earlier, when enable_db_backup and sql_mem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackup_co…
|
CWE-94
Code Injection
|
CVE-2014-2996
|
2024-11-21 11:07 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289767
|
- |
|
siemens
|
simatic_s7_cpu_1200_firmware
simatic_s7_cpu-1211c
simatic_s7_cpu_1212c
simatic_s7_cpu_1214c
simatic_s7_cpu_1215c
simatic_s7_cpu_1217c
|
CRLF injection vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary HTTP headers via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2014-2909
|
2024-11-21 11:07 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289768
|
- |
|
siemens
|
simatic_s7_cpu_1200_firmware
simatic_s7_cpu-1211c
simatic_s7_cpu_1212c
simatic_s7_cpu_1214c
simatic_s7_cpu_1215c
simatic_s7_cpu_1217c
|
Cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary web script or HTML via unspecified…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2908
|
2024-11-21 11:07 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289769
|
- |
|
xen
|
xen
|
Xen 4.4.x, when running on ARM systems, does not properly restrict access to hardware features, which allows local guest users to cause a denial of service (host or guest crash) via unspecified vecto…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2915
|
2024-11-21 11:07 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289770
|
- |
|
wireshark
|
wireshark
|
The srtp_add_address function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allows remote attackers to …
|
NVD-CWE-noinfo
|
CVE-2014-2907
|
2024-11-21 11:07 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
