|
290211
|
6.1 |
MEDIUM
Network
|
ibm
|
power_hardware_management_console
|
IBM Power HMC 7.1.0 through 7.8.0 and 7.3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended function…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0883
|
2024-11-21 11:02 |
2018-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290212
|
7.5 |
HIGH
Network
|
nic
|
knot_cms
|
Knot DNS before 1.5.2 allows remote attackers to cause a denial of service (application crash) via a crafted DNS message.
|
CWE-20
Improper Input Validation
|
CVE-2014-0486
|
2024-11-21 11:02 |
2018-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290213
|
7.3 |
HIGH
Network
|
cisco
|
webex_meetings_server
|
Cisco WebEx Meetings Server before 1.1 uses meeting IDs with insufficient entropy, which makes it easier for remote attackers to bypass authentication and join arbitrary meetings without a password, …
|
CWE-331
Insufficient Entropy
|
CVE-2014-0691
|
2024-11-21 11:02 |
2017-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290214
|
- |
|
novell
|
groupwise
|
Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 2012 before Support Pack 4 and 2014 before Support Pack 2 allow remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0611
|
2024-11-21 11:02 |
2015-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290215
|
- |
|
adobe
|
flash_player
air
air_sdk
air_sdk_\&_compiler
|
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Ad…
|
CWE-284
Improper Access Control
|
CVE-2014-0578
|
2024-11-21 11:02 |
2015-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290216
|
- |
|
attachmate
|
reflection_ftp_client
|
Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to t…
|
CWE-22
Path Traversal
|
CVE-2014-0605
|
2024-11-21 11:02 |
2015-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290217
|
- |
|
attachmate
|
reflection_ftp_client
|
Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to t…
|
CWE-22
Path Traversal
|
CVE-2014-0604
|
2024-11-21 11:02 |
2015-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290218
|
- |
|
attachmate
|
reflection_ftp_client
|
The rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to cause a denial of service (memory corruption) and execute arbitrary code via vectors rel…
|
CWE-94
Code Injection
|
CVE-2014-0603
|
2024-11-21 11:02 |
2015-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290219
|
- |
|
cray
|
cray_linux_environment
|
apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified …
|
CWE-20
Improper Input Validation
|
CVE-2014-0748
|
2024-11-21 11:02 |
2014-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290220
|
- |
|
adobe
|
flash_player
|
Adobe Flash Player before 13.0.0.259 and 14.x through 16.x before 16.0.0.235 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code or cause a denial of servi…
|
CWE-94
Code Injection
|
CVE-2014-0587
|
2024-11-21 11:02 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
