|
282421
|
8.8 |
HIGH
Network
|
ui
|
unifi_controller
airvision_controller
mfi_controller
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Ubiquiti Networks UniFi Controller before 3.2.1 allow remote attackers to hijack the authentication of administrators for requests that (…
|
CWE-352
Origin Validation Error
|
CVE-2014-2225
|
2024-11-21 11:05 |
2020-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282422
|
8.8 |
HIGH
Network
|
imagemagick
canonical
opensuse
|
imagemagick
ubuntu_linux
opensuse
|
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary…
|
CWE-787
Out-of-bounds Write
|
CVE-2014-2030
|
2024-11-21 11:05 |
2020-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282423
|
8.8 |
HIGH
Network
|
imagemagick
canonical
opensuse
|
imagemagick
ubuntu_linux
opensuse
|
Buffer overflow in the DecodePSDPixels function in coders/psd.c in ImageMagick before 6.8.8-5 might allow remote attackers to execute arbitrary code via a crafted PSD image, involving the L%06ld stri…
|
CWE-120
Classic Buffer Overflow
|
CVE-2014-1958
|
2024-11-21 11:05 |
2020-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282424
|
9.8 |
CRITICAL
Network
|
unitedplanet
|
intrexx
|
Unrestricted file upload vulnerability in an unspecified third party tool in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attacke…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2014-2025
|
2024-11-21 11:05 |
2020-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282425
|
9.8 |
CRITICAL
Network
|
koha
|
koha
|
SQL injection vulnerability in the MARC framework import/export function (admin/import_export_framework.pl) in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14…
|
CWE-89
SQL Injection
|
CVE-2014-1925
|
2024-11-21 11:05 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282426
|
9.8 |
CRITICAL
Network
|
koha
|
koha
|
The MARC framework import/export function (admin/import_export_framework.pl) in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 does not require authenticat…
|
CWE-89
SQL Injection
|
CVE-2014-1924
|
2024-11-21 11:05 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282427
|
7.5 |
HIGH
Network
|
koha
|
koha
|
Multiple directory traversal vulnerabilities in the (1) staff interface help editor (edithelp.pl) or (2) member-picupload.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3…
|
CWE-22
Path Traversal
|
CVE-2014-1923
|
2024-11-21 11:05 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282428
|
7.5 |
HIGH
Network
|
koha
|
koha
|
Absolute path traversal vulnerability in tools/pdfViewer.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allows remote attackers to read arbitrary fil…
|
CWE-22
Path Traversal
|
CVE-2014-1922
|
2024-11-21 11:05 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282429
|
6.5 |
MEDIUM
Network
|
owncloud
|
owncloud
|
Cross-site request forgery (CSRF) vulnerability in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2 allows remote attackers to hijack the authentication of users for requests that reset passwords…
|
CWE-352
Origin Validation Error
|
CVE-2014-2050
|
2024-11-21 11:05 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282430
|
8.1 |
HIGH
Network
|
wps
huawei
|
wps_office
p2-6011_firmware
|
cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, …
|
CWE-20
Improper Input Validation
|
CVE-2014-2271
|
2024-11-21 11:05 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
