|
281741
|
- |
|
b2evolution
|
b2evolution
|
Cross-site scripting (XSS) vulnerability in the filemanager in b2evolution before 5.2.1 allows remote attackers to inject arbitrary web script or HTML via the fm_filter parameter to blogs/admin.php.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9599
|
2024-11-21 11:21 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281742
|
- |
|
panasonic
|
arbitrator_back-end_server_mk_3.0_vpu_firmware
arbitrator_back-end_server_mk_3.0_vpu
arbitrator_back-end_server_mk_2.0_vpu_firmware
arbitrator_back-end_server_mk_2.0_vpu
|
Panasonic Arbitrator Back-End Server (BES) MK 2.0 VPU before 9.3.1 build 4.08.003.0, when USB Wi-Fi or Direct LAN is enabled, and MK 3.0 VPU before 9.3.1 build 5.06.000.0, when Embedded Wi-Fi or Dire…
|
CWE-310
Cryptographic Issues
|
CVE-2014-9596
|
2024-11-21 11:21 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281743
|
- |
|
sap
|
sap_kernel
|
Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 32-bit and 7.40 64-bit allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspeci…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9595
|
2024-11-21 11:21 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281744
|
- |
|
sap
|
sap_kernel
|
Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 32-bit and 7.40 64-bit allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspeci…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9594
|
2024-11-21 11:21 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281745
|
- |
|
apache
|
cloudstack
|
Apache CloudStack before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to obtain private keys via a listSslCerts API call.
|
CWE-200
Information Exposure
|
CVE-2014-9593
|
2024-11-21 11:21 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281746
|
- |
|
roundcube
|
webmail
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Roundcube Webmail before 1.0.4 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, related to…
|
CWE-352
Origin Validation Error
|
CVE-2014-9587
|
2024-11-21 11:21 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281747
|
- |
|
mywebsiteadvisor
|
simple_security
|
Multiple cross-site scripting (XSS) vulnerabilities in the MyWebsiteAdvisor Simple Security plugin 1.1.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via th…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9570
|
2024-11-21 11:21 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281748
|
- |
|
softbb
|
softbb
|
Cross-site scripting (XSS) vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to inject arbitrary web script or HTML via the post parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9561
|
2024-11-21 11:21 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281749
|
- |
|
softbb
|
softbb
|
SQL injection vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to execute arbitrary SQL commands via the post parameter.
|
CWE-89
SQL Injection
|
CVE-2014-9560
|
2024-11-21 11:21 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281750
|
- |
|
apple
libpng
|
mac_os_x
libpng
|
Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9495
|
2024-11-21 11:21 |
2015-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
