|
281931
|
- |
|
libmms_project
|
libmms
|
Heap-based buffer overflow in the get_answer function in mmsh.c in libmms before 0.6.4 allows remote attackers to execute arbitrary code via a long line in an MMS over HTTP (MMSH) server response.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2892
|
2024-11-21 11:07 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281932
|
- |
|
siege
|
phpmyid
|
Cross-site scripting (XSS) vulnerability in the wrap_html function in MyID.php in phpMyID 0.9 allows remote attackers to inject arbitrary web script or HTML via the openid_error parameter to MyID.con…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2890
|
2024-11-21 11:07 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281933
|
- |
|
t-mobile
asus
|
tm-ac1900
rt-ac68u_firmware
rt-ac68u
|
Cross-site scripting (XSS) vulnerability in Advanced_Wireless_Content.asp in ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote attackers to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2925
|
2024-11-21 11:07 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281934
|
- |
|
pimcore
|
pimcore
|
The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Newsletter module in pimcore 1.4.9 through 2.1.0 does not properly handle an object obtained by unserializing a pathname, which all…
|
CWE-20
Improper Input Validation
|
CVE-2014-2922
|
2024-11-21 11:07 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281935
|
- |
|
pimcore
|
pimcore
|
The getObjectByToken function in Newsletter.php in the Pimcore_Tool_Newsletter module in pimcore 1.4.9 through 2.0.0 does not properly handle an object obtained by unserializing Lucene search data, w…
|
CWE-94
Code Injection
|
CVE-2014-2921
|
2024-11-21 11:07 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281936
|
- |
|
apple
|
cups
|
Cross-site scripting (XSS) vulnerability in scheduler/client.c in Common Unix Printing System (CUPS) before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, rela…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2856
|
2024-11-21 11:07 |
2014-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281937
|
- |
|
f-secure
|
secure_messaging_secure_gateway
|
Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure Gateway 7.5.0 before Patch 1862 allows remote authenticated administrators to inject arbitrary web script or HTML via the new par…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2844
|
2024-11-21 11:07 |
2014-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281938
|
- |
|
oracle
|
identity_manager
|
Open redirect vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to redirect users to arbitrary web …
|
CWE-20
Improper Input Validation
|
CVE-2014-2880
|
2024-11-21 11:07 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281939
|
- |
|
sonicwall
|
email_security_appliance
|
Multiple cross-site scripting (XSS) vulnerabilities in Dell SonicWALL Email Security 7.4.5 and earlier allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the upl…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2879
|
2024-11-21 11:07 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281940
|
- |
|
gopivotal
|
grails-resources
grails
|
Directory traversal vulnerability in the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 allows remote attackers to obtain sensitive information via unspecified vectors rel…
|
CWE-22
Path Traversal
|
CVE-2014-2858
|
2024-11-21 11:07 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
