|
290811
|
- |
|
postfix_admin_project
|
postfix_admin
|
SQL injection vulnerability in the gen_show_status function in functions.inc.php in Postfix Admin (aka postfixadmin) before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands v…
|
CWE-89
SQL Injection
|
CVE-2014-2655
|
2024-11-21 11:06 |
2014-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290812
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk before 5.0.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2578
|
2024-11-21 11:06 |
2014-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290813
|
- |
|
otrs
|
otrs
|
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote authenticated users to inject arbitrary we…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2553
|
2024-11-21 11:06 |
2014-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290814
|
- |
|
linux
fedoraproject
oracle
|
linux_kernel
fedora
linux
|
The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecifi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2014-2678
|
2024-11-21 11:06 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290815
|
- |
|
linux
|
linux_kernel
|
The arch_dup_task_struct function in the Transactional Memory (TM) implementation in arch/powerpc/kernel/process.c in the Linux kernel before 3.13.7 on the powerpc platform does not properly interact…
|
CWE-20
Improper Input Validation
|
CVE-2014-2673
|
2024-11-21 11:06 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290816
|
- |
|
linux
|
linux_kernel
|
Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a l…
|
CWE-362
Race Condition
|
CVE-2014-2672
|
2024-11-21 11:06 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290817
|
- |
|
siemens
|
ruggedcom_rugged_operating_system
|
The web management interface in Siemens RuggedCom ROS before 3.11, ROS 3.11 before 3.11.5 for RS950G, ROS 3.12, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (interface…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2014-2590
|
2024-11-21 11:06 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290818
|
- |
|
microsoft
|
windows_media_player
|
Microsoft Windows Media Player (WMP) 11.0.5721.5230 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted WAV file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2671
|
2024-11-21 11:06 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290819
|
- |
|
postgresql
|
postgresql
|
Multiple integer overflows in contrib/hstore/hstore_io.c in PostgreSQL 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have un…
|
CWE-189
Numeric Errors
|
CVE-2014-2669
|
2024-11-21 11:06 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290820
|
- |
|
zohocorp
|
manageengine_opstor
|
Cross-site scripting (XSS) vulnerability in Properties.do in ZOHO ManageEngine OpStor before build 8500 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2670
|
2024-11-21 11:06 |
2014-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
