|
281471
|
- |
|
comodo
|
backup
|
The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote attackers to gain privileges via a crafted device handle, which triggers a NULL pointer dereference.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9633
|
2024-11-21 11:21 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281472
|
- |
|
fluxbb
|
fluxbb
|
Directory traversal vulnerability in install.php in FluxBB before 1.5.8 allows remote attackers to include and execute arbitrary local install.php files via a .. (dot dot) in the install_lang paramet…
|
CWE-22
Path Traversal
|
CVE-2014-9574
|
2024-11-21 11:21 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281473
|
- |
|
voxpupuli
|
rabbitmq
|
puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie value in the facts of a node, which allows local users to obtain sensitive information as demonstrated by using Facter.
|
CWE-200
Information Exposure
|
CVE-2014-9568
|
2024-11-21 11:21 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281474
|
- |
|
snipsnap
|
snipsnap
|
Cross-site scripting (XSS) vulnerability in SnipSnap 0.5.2a, 1.0b1, and 1.0b2 allows remote attackers to inject arbitrary web script or HTML via the query parameter to /snipsnap-search.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9559
|
2024-11-21 11:21 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281475
|
- |
|
libmspack_project
|
libmspack
|
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop.
|
CWE-189
Numeric Errors
|
CVE-2014-9556
|
2024-11-21 11:21 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281476
|
- |
|
vmware
|
rabbitmq
|
CRLF injection vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks…
|
NVD-CWE-Other
|
CVE-2014-9650
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281477
|
- |
|
vmware
|
rabbitmq
|
Cross-site scripting (XSS) vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9649
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281478
|
- |
|
google
|
chrome
|
components/navigation_interception/intercept_navigation_resource_throttle.cc in Google Chrome before 40.0.2214.91 on Android does not properly restrict use of intent: URLs to open an application afte…
|
CWE-284
Improper Access Control
|
CVE-2014-9648
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281479
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in PDFium, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF …
|
NVD-CWE-Other
|
CVE-2014-9647
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281480
|
- |
|
google
|
chrome
|
Unquoted Windows search path vulnerability in the GoogleChromeDistribution::DoPostUninstallOperations function in installer/util/google_chrome_distribution.cc in the uninstall-survey feature in Googl…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9646
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
