|
285701
|
- |
|
juniper
|
junos
|
Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 10.0S25, 10.4 before 10.4R10, 11.4 before 11.4R11, 12.1 before 12.1R9, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2712
|
2024-11-21 11:06 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285702
|
- |
|
juniper
|
junos
|
Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 11.4R11, 11.4X27 before 11.4X27.62 (BBE), 12.1 before 12.1R9, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2711
|
2024-11-21 11:06 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285703
|
- |
|
blackberry
|
blackberry_os
blackberry_z10
|
Stack-based buffer overflow in a certain decryption function in qconnDoor on BlackBerry Z10 devices with software 10.1.0.2312, when developer-mode has been previously enabled, allows remote attackers…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2389
|
2024-11-21 11:06 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285704
|
- |
|
orbitscripts
|
orbit_open_ad_server
|
SQL injection vulnerability in OrbitScripts Orbit Open Ad Server before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the site_directory_sort_field parameter to guest/site_direc…
|
CWE-89
SQL Injection
|
CVE-2014-2540
|
2024-11-21 11:06 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285705
|
- |
|
marcel_brinkkemper
|
lazyest-gallery
|
Cross-site scripting (XSS) vulnerability in the Lazyest Gallery plugin before 1.1.21 for WordPress allows remote attackers to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2333
|
2024-11-21 11:06 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285706
|
- |
|
tigase
|
tigase
|
net/IOService.java in Tigase before 5.2.1 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2746
|
2024-11-21 11:06 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285707
|
- |
|
prosody
|
prosody
|
Prosody before 0.9.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2745
|
2024-11-21 11:06 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285708
|
- |
|
lightwitch
prosody
|
metronome
prosody
|
plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightwitch Metronome through 3.4 negotiates stream compression while a session is unauthenticated, which allows remote attackers to cau…
|
CWE-20
Improper Input Validation
|
CVE-2014-2744
|
2024-11-21 11:06 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285709
|
- |
|
lightwitch
|
metronome
|
plugins/mod_compression.lua in Lightwitch Metronome through 3.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resou…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2743
|
2024-11-21 11:06 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285710
|
- |
|
isode
|
m-link
|
Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP s…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2742
|
2024-11-21 11:06 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
