|
290901
|
- |
|
amtelco
|
misecuremessages
|
Amtelco miSecureMessages allows remote attackers to read the messages of arbitrary users via an XML request containing a valid license key and a modified contactID value, as demonstrated by a request…
|
CWE-287
Improper Authentication
|
CVE-2014-0357
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290902
|
- |
|
zyxel
|
n300_netusb_nbg-419n_firmware
n300_netusb_nbg-419n
|
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote attackers to execute arbitrary code via shell metacharacters in input to the (1) detectWeather, (2) set_langua…
|
CWE-78
OS Command
|
CVE-2014-0356
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290903
|
- |
|
zyxel
|
n300_netusb_nbg-419n_firmware
n300_netusb_nbg-419n
|
Multiple stack-based buffer overflows on the ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allow man-in-the-middle attackers to execute arbitrary code via (1) a long temp att…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0355
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290904
|
- |
|
zyxel
|
n300_netusb_nbg-419n_firmware
n300_netusb_nbg-419n
|
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded password of qweasdzxc for an unspecified account, which allows remote attackers to obtain index.asp login ac…
|
CWE-255
Credentials Management
|
CVE-2014-0354
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290905
|
- |
|
zyxel
|
n300_netusb_nbg-419n_firmware
n300_netusb_nbg-419n
|
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote attackers to bypass authentication by using %2F sequences in place of / (slash) characters.
|
CWE-287
Improper Authentication
|
CVE-2014-0353
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290906
|
- |
|
ontariosystems
|
artiva_healthcare
artiva_rm
artiva_architect
artiva_workstation
|
The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option…
|
CWE-287
Improper Authentication
|
CVE-2014-0348
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290907
|
- |
|
pivotx
|
pivotx
|
Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .p…
|
NVD-CWE-Other
|
CVE-2014-0342
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290908
|
- |
|
pivotx
|
pivotx
|
Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote authenticated users to inject arbitrary web script or HTML via the title field to (1) templates_internal/pages.…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0341
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290909
|
- |
|
linux
|
linux_kernel
|
The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial…
|
CWE-20
Improper Input Validation
|
CVE-2014-0155
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290910
|
- |
|
linux
|
linux_kernel
|
drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memor…
|
CWE-787
Out-of-bounds Write
|
CVE-2014-0077
|
2024-11-21 11:01 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
