|
290401
|
- |
|
opensuse
kde
|
opensuse
kdelibs
|
kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive in…
|
CWE-200
Information Exposure
|
CVE-2014-3494
|
2024-11-21 11:08 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290402
|
- |
|
theforeman
|
foreman
|
Multiple cross-site scripting (XSS) vulnerabilities in the host YAML view in Foreman before 1.4.5 and 1.5.x before 1.5.1 allow remote attackers to inject arbitrary web script or HTML via a parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2014-3492
|
2024-11-21 11:08 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290403
|
- |
|
theforeman
|
foreman
|
Cross-site scripting (XSS) vulnerability in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to inject arbitrary web script or HTML via the Name field to the New Host groups page, …
|
CWE-79
Cross-site Scripting
|
CVE-2014-3491
|
2024-11-21 11:08 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290404
|
- |
|
symantec
|
data_insight
|
Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x before 4.5 allows remote attackers to inject arbitrary web script or HTML via an unspecified fo…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3433
|
2024-11-21 11:08 |
2014-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290405
|
- |
|
symantec
|
data_insight
|
Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x before 4.5 allows remote attackers to inject arbitrary web script or HTML via an unspecified fo…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3432
|
2024-11-21 11:08 |
2014-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290406
|
- |
|
samba
|
samba
|
The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3493
|
2024-11-21 11:08 |
2014-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290407
|
- |
|
symantec
|
encryption_desktop
pgp_desktop
|
Symantec PGP Desktop 10.x, and Encryption Desktop Professional 10.3.x before 10.3.2 MP2, on OS X uses world-writable permissions for temporary files, which allows local users to bypass intended restr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3431
|
2024-11-21 11:08 |
2014-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290408
|
- |
|
redhat
|
openshift_origin
openshift
|
cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz…
|
CWE-94
Code Injection
|
CVE-2014-3496
|
2024-11-21 11:08 |
2014-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290409
|
- |
|
boonex
|
dolphin
|
SQL injection vulnerability in administration/profiles.php in BoonEx Dolphin 7.1.4 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the members[] parameter…
|
CWE-89
SQL Injection
|
CVE-2014-3810
|
2024-11-21 11:08 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290410
|
- |
|
commscope
|
arris_sbg901
|
Multiple cross-site request forgery (CSRF) vulnerabilities in goform/RgDdns in ARRIS (formerly Motorola) SBG901 SURFboard Wireless Cable Modem allow remote attackers to hijack the authentication of a…
|
CWE-352
Origin Validation Error
|
CVE-2014-3778
|
2024-11-21 11:08 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
