|
282491
|
- |
|
mantisbt
|
mantisbt
|
SQL injection vulnerability in the mc_project_get_attachments function in api/soap/mc_project_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary SQL commands via the proje…
|
CWE-89
SQL Injection
|
CVE-2014-8554
|
2024-11-21 11:19 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282492
|
- |
|
freebsd
|
freebsd
|
The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not initialize the buffer used to store the login name, which allows local users to obtain sensitive information from kernel memory via a ca…
|
CWE-200
Information Exposure
|
CVE-2014-8476
|
2024-11-21 11:19 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282493
|
- |
|
open_atrium_project
|
open_atrium
|
The Open Atrium Core module for Drupal before 7.x-2.22 allows remote attackers to bypass access restrictions and read file attachments that have been removed from a node by leveraging a previous revi…
|
CWE-200
Information Exposure
|
CVE-2014-8736
|
2024-11-21 11:19 |
2014-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282494
|
- |
|
bad_behavior_project
|
bad_behavior
|
The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before 7.x-2.2216 for Drupal logs usernames and passwords, which allows remote authenticated users with the "administer bad behavior" per…
|
CWE-200
Information Exposure
|
CVE-2014-8735
|
2024-11-21 11:19 |
2014-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282495
|
- |
|
drupal
|
organic_groups_menu
|
The Organic Groups Menu (aka OG Menu) module before 7.x-2.2 for Drupal allows remote authenticated users with the "access administration pages" permission to change module settings via unspecified ve…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8734
|
2024-11-21 11:19 |
2014-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282496
|
- |
|
progress
|
openedge
|
Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the selection parameter.
|
CWE-22
Path Traversal
|
CVE-2014-8555
|
2024-11-21 11:19 |
2014-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282497
|
- |
|
adobe
|
flash_player
air_sdk
air
air_sdk_\&_compiler
|
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8442
|
2024-11-21 11:19 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282498
|
- |
|
adobe
|
flash_player
air_sdk
air
air_sdk_\&_compiler
|
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe …
|
NVD-CWE-noinfo
|
CVE-2014-8441
|
2024-11-21 11:19 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282499
|
- |
|
adobe
|
flash_player
air_sdk
air
air_sdk_\&_compiler
|
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe …
|
NVD-CWE-noinfo
|
CVE-2014-8440
|
2024-11-21 11:19 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282500
|
- |
|
adobe
|
flash_player
air_sdk
air
air_sdk_\&_compiler
|
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR S…
|
NVD-CWE-Other
|
CVE-2014-8438
|
2024-11-21 11:19 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
