|
289291
|
- |
|
microsoft
|
windows_server_2003
|
Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4076
|
2024-11-21 11:09 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289292
|
- |
|
epicor
|
epicor_enterprise
|
Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allows attackers to obtain the (1) Database Connection and (2) E-mail Connection passwords by reading HTML source code of the database connection a…
|
CWE-200
Information Exposure
|
CVE-2014-4311
|
2024-11-21 11:09 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289293
|
- |
|
f5
|
big-ip_advanced_firewall_manager
big-ip_policy_enforcement_manager
big-ip_application_security_manager
big-ip_application_acceleration_manager
enterprise_manager
big-ip_edge_gateway
Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, A…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4023
|
2024-11-21 11:09 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
289294
|
- |
|
freebsd
|
freebsd
|
routed in FreeBSD 8.4 through 10.1-RC2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RIP request from a source not on a directly connected network.
|
CWE-20
Improper Input Validation
|
CVE-2014-3955
|
2024-11-21 11:09 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289295
|
- |
|
freebsd
|
freebsd
|
Stack-based buffer overflow in rtsold in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted DNS parameters in a r…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3954
|
2024-11-21 11:09 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289296
|
- |
|
j\!extensions_store
|
jchatsocial
|
Cross-site scripting (XSS) vulnerability in the JChatSocial component before 2.3 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the filename parameter in a file upload…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3863
|
2024-11-21 11:09 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289297
|
- |
|
tomatocart
|
tomatocart
|
SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote authenticated users to execute arbitrary SQL commands via the First Name and Last Name fields in a new address book contact.
|
CWE-89
SQL Injection
|
CVE-2014-3978
|
2024-11-21 11:09 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289298
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via un…
|
NVD-CWE-noinfo
|
CVE-2014-4310
|
2024-11-21 11:09 |
2014-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289299
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown …
|
NVD-CWE-noinfo
|
CVE-2014-4300
|
2024-11-21 11:09 |
2014-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289300
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown …
|
NVD-CWE-noinfo
|
CVE-2014-4299
|
2024-11-21 11:09 |
2014-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
