|
290501
|
- |
|
y-cam
|
ycb002_firmware
ycb004_firmware
ycw003_firmware
ycb001_firmware
ycblhd5_firmware
ycbl03_firmware
ycbl03
ycblb3_firmware
ycblb3
ycw001_firmware
yck004_firmware
yck003_…
|
Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB004, YCK004, YCW004; EyeBall YCEB03; Bullet VGA YCBL03 and YCBLB3; Bullet HD 720 YCBLHD5; Y-cam Classic Range YCB002, YCK002, and Y…
|
CWE-200
Information Exposure
|
CVE-2014-1900
|
2024-11-21 11:05 |
2015-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290502
|
- |
|
egroupware
|
egroupware
|
eGroupware before 1.8.006.20140217 allows remote attackers to conduct PHP object injection attacks, delete arbitrary files, and possibly execute arbitrary code via the (1) addr_fields or (2) trans pa…
|
CWE-94
Code Injection
|
CVE-2014-2027
|
2024-11-21 11:05 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290503
|
- |
|
cisco
|
secure_access_control_system
|
Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat, which allows remote authenticated users to modify application files and configu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2130
|
2024-11-21 11:05 |
2015-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290504
|
- |
|
phusion
|
passenger
|
Phusion Passenger 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file. NOTE: this vulnerability exists beca…
|
NVD-CWE-Other
|
CVE-2014-1832
|
2024-11-21 11:05 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290505
|
- |
|
phusion
|
passenger
|
Phusion Passenger before 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file.
|
NVD-CWE-Other
|
CVE-2014-1831
|
2024-11-21 11:05 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290506
|
- |
|
cisco
|
prime_infrastructure
|
Multiple cross-site scripting (XSS) vulnerabilities in INSERT pages in Cisco Prime Infrastructure allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID …
|
CWE-79
Cross-site Scripting
|
CVE-2014-2153
|
2024-11-21 11:05 |
2015-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290507
|
- |
|
cisco
|
prime_infrastructure
|
Cross-site request forgery (CSRF) vulnerability in the INSERT page in Cisco Prime Infrastructure (PI) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun21868.
|
CWE-352
Origin Validation Error
|
CVE-2014-2152
|
2024-11-21 11:05 |
2015-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290508
|
- |
|
cisco
|
prime_infrastructure
|
The web interface in Cisco Prime Infrastructure 2.1 and earlier does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspe…
|
CWE-20
Improper Input Validation
|
CVE-2014-2147
|
2024-11-21 11:05 |
2015-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290509
|
- |
|
linuxmint
gnome
canonical
|
linux_mint
gtk
ubuntu
|
GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button.
|
CWE-284
Improper Access Control
|
CVE-2014-1949
|
2024-11-21 11:05 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290510
|
- |
|
plogger
|
plogger
|
Plogger 1.0 RC1 and earlier, when the Lucid theme is used, does not assign new values for certain codes, which makes it easier for remote attackers to bypass the CAPTCHA protection mechanism via a se…
|
CWE-254
7PK - Security Features
|
CVE-2014-2224
|
2024-11-21 11:05 |
2014-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
