|
290131
|
- |
|
zyxel
|
n300_netusb_nbg-419n_firmware
n300_netusb_nbg-419n
|
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login ac…
|
CWE-255
Credentials Management
|
CVE-2014-0354
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290132
|
- |
|
zyxel
|
n300_netusb_nbg-419n_firmware
n300_netusb_nbg-419n
|
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote attackers to bypass authentication by using %2F sequences in place of / (slash) characters.
|
CWE-287
Improper Authentication
|
CVE-2014-0353
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290133
|
- |
|
ontariosystems
|
artiva_healthcare
artiva_rm
artiva_architect
artiva_workstation
|
The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option…
|
CWE-287
Improper Authentication
|
CVE-2014-0348
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290134
|
- |
|
pivotx
|
pivotx
|
Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .p…
|
NVD-CWE-Other
|
CVE-2014-0342
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290135
|
- |
|
pivotx
|
pivotx
|
Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote authenticated users to inject arbitrary web script or HTML via the title field to (1) templates_internal/pages.…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0341
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290136
|
- |
|
linux
|
linux_kernel
|
The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial…
|
CWE-20
Improper Input Validation
|
CVE-2014-0155
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290137
|
- |
|
linux
|
linux_kernel
|
drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memor…
|
CWE-787
Out-of-bounds Write
|
CVE-2014-0077
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290138
|
- |
|
openafs
debian
|
openafs
debian_linux
|
Buffer overflow in the GetStatistics64 remote procedure call (RPC) in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service (crash) via a crafted statsVersion argument.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0159
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290139
|
- |
|
squid-cache
opensuse
|
squid
opensuse
|
Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (assertion failure) via a crafted range request, related to state manageme…
|
CWE-20
Improper Input Validation
|
CVE-2014-0128
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290140
|
- |
|
j2k-codec
|
j2k-codec
|
Multiple unspecified vulnerabilities in J2k-Codec allow remote attackers to execute arbitrary code via a crafted JPEG 2000 file.
|
NVD-CWE-noinfo
|
CVE-2014-0349
|
2024-11-21 11:01 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
