|
281671
|
- |
|
websense
|
triton_web_security_gateway
triton_web_security_gateway_anywhere
triton_web_filter
triton_web_security
triton_ap_web
|
Multiple cross-site scripting (XSS) vulnerabilities in the Investigative Reports in Websense TRITON AP-WEB before 8.0.0 and Web Security and Filter, Web Security Gateway, and Web Security Gateway Any…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9711
|
2024-11-21 11:21 |
2015-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281672
|
- |
|
ecryptfs
|
ecryptfs-utils
|
eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.
|
CWE-255
Credentials Management
|
CVE-2014-9687
|
2024-11-21 11:21 |
2015-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281673
|
- |
|
solarwinds
|
orion_netflow_traffic_analyzer
orion_web_performance_monitor
orion_network_configuration_manager
orion_user_device_tracker
orion_ip_address_manager
orion_voip_\&_network_quality_ma…
|
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform 2015.1, as used in Network Performance Monitor (NPM) before 1…
|
CWE-89
SQL Injection
|
CVE-2014-9566
|
2024-11-21 11:21 |
2015-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281674
|
- |
|
google
|
chrome
|
content/renderer/device_sensors/device_orientation_event_pump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate gyroscope data, which makes it easier for remote a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9689
|
2024-11-21 11:21 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281675
|
- |
|
ninjaforms
|
ninja_forms
|
Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.
|
NVD-CWE-noinfo
|
CVE-2014-9688
|
2024-11-21 11:21 |
2015-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281676
|
- |
|
canonical
linux
|
ubuntu_linux
linux_kernel
|
Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buf…
|
CWE-189
Numeric Errors
|
CVE-2014-9683
|
2024-11-21 11:21 |
2015-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281677
|
- |
|
linux
debian
canonical
oracle
|
linux_kernel
debian_linux
ubuntu_linux
linux
|
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the…
|
CWE-269
Improper Privilege Management
|
CVE-2014-9644
|
2024-11-21 11:21 |
2015-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281678
|
- |
|
dns-sync_project
|
dns-sync
|
The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.
|
CWE-77
Command Injection
|
CVE-2014-9682
|
2024-11-21 11:21 |
2015-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281679
|
- |
|
ffmpeg
|
ffmpeg
|
The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memo…
|
NVD-CWE-Other
|
CVE-2014-9676
|
2024-11-21 11:21 |
2015-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281680
|
- |
|
vanillaforums
|
vanilla_forums
vanilla
|
Multiple cross-site scripting (XSS) vulnerabilities in Vanilla Forums before 2.0.18.13 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9685
|
2024-11-21 11:21 |
2015-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
