|
281171
|
- |
|
allegrosoft
|
rompager
|
Multiple buffer overflows in AllegroSoft RomPager, as used in Huawei Home Gateway products and other vendors and products, allow remote attackers to cause a denial of service or possibly execute arbi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9223
|
2024-11-21 11:20 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281172
|
- |
|
allegrosoft
|
rompager
|
AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows remote attackers to gain privileges via a crafted cookie that triggers memory cor…
|
CWE-17
Code
|
CVE-2014-9222
|
2024-11-21 11:20 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281173
|
- |
|
microfocus
|
access_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.1 allow remote attackers to inject arbitrary web script or HTML via (1) an arbitrary parameter to roma/j…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9412
|
2024-11-21 11:20 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281174
|
- |
|
piwigo
|
piwigo
|
SQL injection vulnerability in the rate_picture function in include/functions_rate.inc.php in Piwigo before 2.5.5, 2.6.x before 2.6.4, and 2.7.x before 2.7.2 allows remote attackers to execute arbitr…
|
CWE-89
SQL Injection
|
CVE-2014-9115
|
2024-11-21 11:20 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281175
|
- |
|
modx
|
modx_revolution
|
Cross-site scripting (XSS) vulnerability in manager/assets/fileapi/FileAPI.flash.image.swf in MODX Revolution 2.3.2-pl allows remote attackers to inject arbitrary web script or HTML via the callback …
|
CWE-79
Cross-site Scripting
|
CVE-2014-8992
|
2024-11-21 11:20 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281176
|
- |
|
ntp
|
ntp
|
The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended associ…
|
CWE-17
Code
|
CVE-2014-9296
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281177
|
- |
|
ntp
|
ntp
|
Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9295
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281178
|
- |
|
ntp
|
ntp
|
util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
|
NVD-CWE-Other
|
CVE-2014-9294
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281179
|
- |
|
ntp
|
ntp
|
The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection …
|
NVD-CWE-Other
|
CVE-2014-9293
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281180
|
- |
|
innominate
|
mguard_firmware
|
Innominate mGuard with firmware before 7.6.6 and 8.x before 8.1.4 allows remote authenticated admins to obtain root privileges by changing a PPP configuration setting.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9193
|
2024-11-21 11:20 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
