|
282751
|
- |
|
samsung
|
findmymobile
mobile
|
The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (…
|
CWE-94
Code Injection
|
CVE-2014-8346
|
2024-11-21 11:18 |
2014-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282752
|
- |
|
openmrs
|
openmrs
|
Cross-site request forgery (CSRF) vulnerability in OpenMRS 2.1 Standalone Edition allows remote attackers to hijack the authentication of administrators for requests that add a new user via a Save Us…
|
CWE-352
Origin Validation Error
|
CVE-2014-8073
|
2024-11-21 11:18 |
2014-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282753
|
- |
|
openmrs
|
openmrs
|
The administration module in OpenMRS 2.1 Standalone Edition allows remote authenticated users to obtain read access via a direct request to /admin.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8072
|
2024-11-21 11:18 |
2014-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282754
|
- |
|
openmrs
|
openmrs
|
Multiple cross-site scripting (XSS) vulnerabilities in OpenMRS 2.1 Standalone Edition allow remote attackers to inject arbitrary web script or HTML via the (1) givenName, (2) familyName, (3) address1…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8071
|
2024-11-21 11:18 |
2014-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282755
|
- |
|
megapolis
|
megapolis.portal_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in Megapolis.Portal Manager allow remote attackers to inject arbitrary web script or HTML via the (1) dateFrom or (2) dateTo parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8381
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282756
|
- |
|
calender_base_project
|
calender_base
|
The Calendar Base (cal) extension before 1.5.9 and 1.6.x before 1.6.1 for TYPO3 allows remote attackers to cause a denial of service (resource consumption) via vectors related to the PHP PCRE library.
|
CWE-399
Resource Management Errors
|
CVE-2014-8325
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282757
|
- |
|
zend
|
zend_framework
|
The (1) Zend_Ldap class in Zend before 1.12.9 and (2) Zend\Ldap component in Zend 2.x before 2.2.8 and 2.3.x before 2.3.3 allows remote attackers to bypass authentication via a password starting with…
|
CWE-287
Improper Authentication
|
CVE-2014-8088
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282758
|
- |
|
redhat
|
virtual_desktop_service_manager
|
VDSM allows remote attackers to cause a denial of service (connection blocking) by keeping an SSL connection open.
|
CWE-310
Cryptographic Issues
|
CVE-2014-7968
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282759
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk 6.1.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer Header in a "404 Not Found" response. NOTE: this vulnerab…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8380
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282760
|
- |
|
marketo_ma_project
|
marketo_ma
|
Multiple cross-site scripting (XSS) vulnerabilities in the Marketo MA module before 7.x-1.5 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8379
|
2024-11-21 11:18 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
