|
281311
|
- |
|
drupac
|
touch
|
Multiple cross-site scripting (XSS) vulnerabilities in the Touch theme 7.x-1.x before 7.x-1.9 for Drupal allow remote authenticated users with the Administer themes permission to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4303
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281312
|
- |
|
ham3d
|
ham3d_shop_engine
|
Cross-site scripting (XSS) vulnerability in rating/rating.php in HAM3D Shop Engine allows remote attackers to inject arbitrary web script or HTML via the ID parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4302
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281313
|
- |
|
ajenti
|
ajenti
|
Multiple cross-site scripting (XSS) vulnerabilities in the respond_error function in routing.py in Eugene Pankov Ajenti before 1.2.21.7 allow remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4301
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281314
|
- |
|
ulli_horlacher
|
fex
|
Incomplete blacklist vulnerability in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allows remote attackers to conduct cross-site scripting (XSS) attacks via the addto parameter to fu…
|
NVD-CWE-Other
|
CVE-2014-3877
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281315
|
- |
|
ulli_horlacher
|
fex
|
Multiple cross-site scripting (XSS) vulnerabilities in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allow remote attackers to inject arbitrary web script or HTML via the (1) akey par…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3876
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281316
|
- |
|
dell
|
bsafe_share
|
The TLS implementation in EMC RSA BSAFE-Java Toolkits (aka Share for Java) supports the Extended Random extension during use of the Dual_EC_DRBG algorithm, which makes it easier for remote attackers …
|
CWE-310
Cryptographic Issues
|
CVE-2014-4193
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281317
|
- |
|
dell
|
bsafe_share
|
The Dual_EC_DRBG implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) processes certain requests for output bytes by considering only the requested byte count and not the use of cache…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4192
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281318
|
- |
|
dell
|
bsafe_share
|
The TLS implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) sends a long series of random bytes during use of the Dual_EC_DRBG algorithm, which makes it easier for remote attackers t…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4191
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281319
|
- |
|
powerpc-utils_project
|
powerpc-utils
|
snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passw…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4040
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281320
|
- |
|
redhat
ppc64-diag_project
suse
|
enterprise_linux_server
ppc64-diag
linux_enterprise_server
|
ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensitive information by rea…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4039
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
