|
282501
|
- |
|
microsoft
|
web_applications
|
Microsoft Web Applications 2010 SP1 and SP2 allows remote authenticated users to execute arbitrary code via crafted page content, aka "Web Applications Page Content Vulnerability."
|
CWE-94
Code Injection
|
CVE-2014-1813
|
2024-11-21 11:05 |
2014-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282502
|
- |
|
microsoft
|
office
|
The MSCOMCTL library in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013 Gold, SP1, RT, and RT SP1 makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted web …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1809
|
2024-11-21 11:05 |
2014-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282503
|
- |
|
microsoft
|
office
|
Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "T…
|
CWE-200
Information Exposure
|
CVE-2014-1808
|
2024-11-21 11:05 |
2014-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282504
|
- |
|
microsoft
|
windows_server_2008
windows_server_2012
windows_rt
windows_8.1
windows_7
windows_rt_8.1
windows_vista
windows_8
windows_server_2003
|
The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1807
|
2024-11-21 11:05 |
2014-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282505
|
- |
|
microsoft
|
.net_framework
|
The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute arbitra…
|
CWE-94
Code Injection
|
CVE-2014-1806
|
2024-11-21 11:05 |
2014-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282506
|
- |
|
broadcom
|
pipa_c211_web_interface
pipa_c211
|
cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to (1) obtain credentials and other sensitive information vi…
|
CWE-310
Cryptographic Issues
|
CVE-2014-2046
|
2024-11-21 11:05 |
2014-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282507
|
- |
|
opensuse
google
|
opensuse
android_debug_bridge
android_sdk_platform_tools
|
Integer signedness error in system/core/adb/adb_client.c in Android Debug Bridge (ADB) for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a nega…
|
CWE-189
Numeric Errors
|
CVE-2014-1909
|
2024-11-21 11:05 |
2014-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282508
|
- |
|
foscam
|
ip_camera_firmware
|
Foscam IP camera 11.37.2.49 and other versions, when using the Foscam DynDNS option, generates credentials based on predictable camera subdomain names, which allows remote attackers to spoof or hijac…
|
CWE-255
Credentials Management
|
CVE-2014-1849
|
2024-11-21 11:05 |
2014-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282509
|
- |
|
intra-mart
|
webplatform\/appframework
|
Open redirect vulnerability in WebPlatform / AppFramework 6.0 through 7.2 in NTT DATA INTRAMART intra-mart allows remote attackers to redirect users to arbitrary web sites and conduct phishing attack…
|
CWE-20
Improper Input Validation
|
CVE-2014-1991
|
2024-11-21 11:05 |
2014-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282510
|
- |
|
travis_shirk
opensuse
|
eyed3
opensuse
|
tag.py in eyeD3 (aka python-eyed3) 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file.
|
CWE-59
Link Following
|
CVE-2014-1934
|
2024-11-21 11:05 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
