|
281881
|
- |
|
clorius_controls_a\/s
|
java_web_client
|
The Clorius Controls Java web client before 01.00.0009g allows remote attackers to discover credentials by sniffing the network for cleartext-equivalent traffic.
|
CWE-200
Information Exposure
|
CVE-2014-9199
|
2024-11-21 11:20 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281882
|
- |
|
phoenixcontact-software
|
multiprog
proconos_eclr
|
Phoenix Contact ProConOs and MultiProg do not require authentication, which allows remote attackers to execute arbitrary commands via protocol-compliant traffic.
|
CWE-255
Credentials Management
|
CVE-2014-9195
|
2024-11-21 11:20 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281883
|
- |
|
arbiter
|
1094b_gps_substation_clock
|
Arbiter 1094B GPS Substation Clock allows remote attackers to cause a denial of service (disruption) via crafted radio transmissions that spoof GPS satellite broadcasts.
|
CWE-19
Data Processing Errors
|
CVE-2014-9194
|
2024-11-21 11:20 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281884
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in the Hovercards extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via vectors related to text extracts.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9480
|
2024-11-21 11:20 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281885
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in the preview in the TemplateSandbox extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via the text parameter to Special…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9479
|
2024-11-21 11:20 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281886
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in the preview in the ExpandTemplates extension for MediaWiki, when $wgRawHTML is set to true, allows remote attackers to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9478
|
2024-11-21 11:20 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281887
|
- |
|
mediawiki
|
mediawiki
|
Multiple cross-site scripting (XSS) vulnerabilities in the Listings extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) url parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9477
|
2024-11-21 11:20 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281888
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki 1.2x before 1.22.15, 1.23.x before 1.23.8, and 1.24.x before 1.24.1 allows remote attackers to bypass CORS restrictions in $wgCrossSiteAJAXdomains via a domain that has a partial match to a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9476
|
2024-11-21 11:20 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281889
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.19.23, 1.2x before 1.22.15, 1.23.x before 1.23.8, and 1.24.x before 1.24.1 allows remote authenticated users to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9475
|
2024-11-21 11:20 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281890
|
- |
|
gnu
canonical
|
coreutils
ubuntu_linux
|
The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=…
|
NVD-CWE-noinfo
|
CVE-2014-9471
|
2024-11-21 11:20 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
