|
286971
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite before 7.2.2-rev31, 7.4.0 before 7.4.0-rev27, and 7.4.1 before 7.4.1-rev17 allows remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1679
|
2024-11-21 11:04 |
2015-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286972
|
- |
|
maxthon
|
maxthon_cloud_browser
|
The Maxthon Cloud Browser application before 4.1.6.2000 for Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses the history API.
|
CWE-284
Improper Access Control
|
CVE-2014-1449
|
2024-11-21 11:04 |
2014-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286973
|
- |
|
mozilla
|
network_security_services
|
The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 lengt…
|
NVD-CWE-Other
|
CVE-2014-1569
|
2024-11-21 11:04 |
2014-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286974
|
- |
|
mozilla
|
firefox
firefox_esr
thunderbird
|
Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunderbird before 31.3 on Apple OS X 10.10 omit a CoreGraphics disable-logging action that is needed by jemalloc-based applications, wh…
|
CWE-199
Information Management Errors
|
CVE-2014-1595
|
2024-11-21 11:04 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286975
|
- |
|
mozilla
|
firefox_esr
firefox
seamonkey
thunderbird
|
Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary code by leveraging an incorrect cast fr…
|
CWE-20
Improper Input Validation
|
CVE-2014-1594
|
2024-11-21 11:04 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286976
|
- |
|
mozilla
|
firefox_esr
firefox
seamonkey
thunderbird
|
Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remot…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1593
|
2024-11-21 11:04 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286977
|
- |
|
mozilla
|
firefox_esr
firefox
seamonkey
thunderbird
|
Use-after-free vulnerability in the nsHtml5TreeOperation function in xul.dll in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows re…
|
NVD-CWE-Other
|
CVE-2014-1592
|
2024-11-21 11:04 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286978
|
- |
|
mozilla
|
firefox
seamonkey
|
Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after…
|
CWE-199
Information Management Errors
|
CVE-2014-1591
|
2024-11-21 11:04 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286979
|
- |
|
mozilla
|
firefox_esr
firefox
seamonkey
thunderbird
|
The XMLHttpRequest.prototype.send method in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to cause a denial of …
|
CWE-20
Improper Input Validation
|
CVE-2014-1590
|
2024-11-21 11:04 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286980
|
- |
|
mozilla
|
firefox
seamonkey
|
Mozilla Firefox before 34.0 and SeaMonkey before 2.31 provide stylesheets with an incorrect primary namespace, which allows remote attackers to bypass intended access restrictions via an XBL binding.
|
CWE-284
Improper Access Control
|
CVE-2014-1589
|
2024-11-21 11:04 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
