|
277131
|
- |
|
ibm
|
websphere_portal
|
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF18, and 8.5.0 before CF08 improperly restricts resource access, which …
|
CWE-284
Improper Access Control
|
CVE-2014-8912
|
2024-11-21 11:19 |
2015-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277132
|
- |
|
ibm
|
openpages_grc_platform
|
Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8916
|
2024-11-21 11:19 |
2015-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277133
|
- |
|
apple
freebsd
|
iphone_os
freebsd
mac_os_x
|
The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8611
|
2024-11-21 11:19 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277134
|
- |
|
checkmarx
|
cxsast
|
Checkmarx CxSAST (formerly CxSuite) before 7.1.8 allows remote authenticated users to bypass the CxQL sandbox protection mechanism and execute arbitrary C# code by asserting the (1) System.Security.P…
|
CWE-94
Code Injection
|
CVE-2014-8778
|
2024-11-21 11:19 |
2015-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277135
|
- |
|
polarssl
|
polarssl
|
Memory leak in PolarSSL before 1.2.12 and 1.3.x before 1.3.9 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted X.509 certificates. NOTE: this id…
|
CWE-399
Resource Management Errors
|
CVE-2014-8628
|
2024-11-21 11:19 |
2015-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277136
|
- |
|
ibm
|
db2
|
IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to read arbitrary text files via a crafted XML/XSLT func…
|
CWE-74
Injection
|
CVE-2014-8910
|
2024-11-21 11:19 |
2015-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277137
|
- |
|
adobe
|
acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc
|
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 o…
|
CWE-200
Information Exposure
|
CVE-2014-8450
|
2024-11-21 11:19 |
2015-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277138
|
- |
|
xcloner
|
xcloner
|
The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! provides the MySQL username and password on the command line, which allows local users to obtain sensitive information via the ps command.
|
CWE-200
Information Exposure
|
CVE-2014-8607
|
2024-11-21 11:19 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277139
|
- |
|
xcloner
|
xcloner
|
Directory traversal vulnerability in the XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! allows remote administrators to read arbitrary files via a .. (dot dot) in the file parameter in a js…
|
CWE-22
Path Traversal
|
CVE-2014-8606
|
2024-11-21 11:19 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277140
|
- |
|
xcloner
|
xcloner
|
The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! stores database backup files with predictable names under the web root with insufficient access control, which allows remote attackers to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8605
|
2024-11-21 11:19 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
