|
282011
|
- |
|
f5
|
big-iq
|
F5 BIG-IQ Cloud and Security 4.0.0 through 4.1.0 allows remote authenticated users to change the password of arbitrary users via the name parameter in a request to the user's page in mgmt/shared/auth…
|
CWE-255
Credentials Management
|
CVE-2014-3220
|
2024-11-21 11:07 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282012
|
- |
|
phplist
|
phplist
|
Cross-site request forgery (CSRF) vulnerability in the subscription page editor (spageedit) in phpList before 3.0.6 allows remote attackers to hijack the authentication of administrators via a reques…
|
CWE-352
Origin Validation Error
|
CVE-2014-2916
|
2024-11-21 11:07 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282013
|
- |
|
xen
|
xen
|
Xen 4.4.x, when running on an ARM system, does not properly context switch the CNTKCTL_EL1 register, which allows local guest users to modify the hardware timers and cause a denial of service (crash)…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3125
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282014
|
- |
|
sitepark
|
information_enterprise_server
|
Sitepark Information Enterprise Server (IES) 2.9 before 2.9.6, when upgraded from an earlier version, does not properly restrict access, which allows remote attackers to change the manager account pa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3006
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282015
|
- |
|
freebsd
|
freebsd
|
The device file system (aka devfs) in FreeBSD 10.0 before p2 does not load default rulesets when booting, which allows context-dependent attackers to bypass intended restrictions by leveraging a jail…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3001
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282016
|
- |
|
freebsd
|
freebsd
|
The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote attackers to cause a denial of service (undefi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3000
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282017
|
- |
|
fishshell
|
fish
|
fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user per…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2905
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282018
|
- |
|
unitrends
|
enterprise_backup
|
recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to bypass authentication by setting the auth parameter to a certain string.
|
CWE-287
Improper Authentication
|
CVE-2014-3139
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282019
|
- |
|
xerox
|
docushare
|
SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 Hotfix 2, 6.6.1 Update 1 before Hotfix 24, and 6.6.1 Update 2 before Hotfix 3 allows remote authenticated users to execute arbitrary…
|
CWE-89
SQL Injection
|
CVE-2014-3138
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282020
|
- |
|
citrix
|
netscaler_access_gateway_firmware
netscaler_application_delivery_controller_firmware
netscaler_access_gateway
netscaler_application_delivery_controller
|
Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and …
|
NVD-CWE-noinfo
|
CVE-2014-2882
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
