|
289341
|
- |
|
microsoft
|
asp.net_model_view_controller
|
Cross-site scripting (XSS) vulnerability in System.Web.Mvc.dll in Microsoft ASP.NET Model View Controller (MVC) 2.0 through 5.1 allows remote attackers to inject arbitrary web script or HTML via a cr…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4075
|
2024-11-21 11:09 |
2014-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289342
|
- |
|
microsoft
|
.net_framework
|
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4073
|
2024-11-21 11:09 |
2014-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289343
|
- |
|
epicor
|
epicor_procurement
|
SQL injection vulnerability in Epicor Procurement before 7.4 SP2 allows remote attackers to execute arbitrary SQL commands via the User field.
|
CWE-89
SQL Injection
|
CVE-2014-4313
|
2024-11-21 11:09 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289344
|
- |
|
epicor
|
epicor_enterprise
|
Multiple cross-site scripting (XSS) vulnerabilities in Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allow remote attackers to inject arbitrary web script or HTML via the (1) Notes section to O…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4312
|
2024-11-21 11:09 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289345
|
- |
|
gnu
opensuse
|
glibc
opensuse
|
The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-…
|
CWE-94
Code Injection
|
CVE-2014-4043
|
2024-11-21 11:09 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289346
|
- |
|
alex_kellner
|
powermail
|
Unrestricted file upload vulnerability in the powermail extension before 1.6.11 and 2.x before 2.0.14 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with a crafted ex…
|
CWE-94
Code Injection
|
CVE-2014-3947
|
2024-11-21 11:09 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289347
|
- |
|
perl
data_dumper_project
|
perl
data_dumper
|
The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Referenc…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4330
|
2024-11-21 11:09 |
2014-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289348
|
- |
|
miniupnp_project
opensuse
|
miniupnp
opensuse
|
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service (crash) via crafted headers that trigger an out-of-bounds read.
|
NVD-CWE-noinfo
|
CVE-2014-3985
|
2024-11-21 11:09 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289349
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4111
|
2024-11-21 11:09 |
2014-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289350
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4110
|
2024-11-21 11:09 |
2014-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
