|
277661
|
- |
|
ntop
|
ntopng
|
Cross-site scripting (XSS) vulnerability in the nDPI traffic classification library in ntopng (aka ntop) before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host …
|
CWE-79
Cross-site Scripting
|
CVE-2014-5464
|
2024-11-21 11:12 |
2014-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277662
|
- |
|
srvx
|
srvx
|
Multiple integer overflows in the HelpServ module (mod-helpserv.c) in srvx 1.3.1 allow remote authenticated IRCops or HelpServ bot managers to cause a denial of service (infinite loop) via a large va…
|
CWE-189
Numeric Errors
|
CVE-2014-5508
|
2024-11-21 11:12 |
2014-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277663
|
- |
|
sap
|
crystal_reports
|
Double free vulnerability in SAP Crystal Reports allows remote attackers to execute arbitrary code via crafted connection string record in an RPT file.
|
NVD-CWE-Other
|
CVE-2014-5506
|
2024-11-21 11:12 |
2014-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277664
|
- |
|
sap
|
crystal_reports
|
Stack-based buffer overflow in SAP Crystal Reports allows remote attackers to execute arbitrary code via a crafted data source string in an RPT file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5505
|
2024-11-21 11:12 |
2014-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277665
|
- |
|
solarwinds
|
log_and_event_manager
|
SolarWinds Log and Event Manager before 6.0 uses "static" credentials, which makes it easier for remote attackers to obtain access to the database and execute arbitrary code via unspecified vectors, …
|
CWE-255
Credentials Management
|
CVE-2014-5504
|
2024-11-21 11:12 |
2014-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277666
|
- |
|
opensuse
canonical
debian
lua
mageia
|
opensuse
ubuntu_linux
debian_linux
lua
mageia
|
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a fun…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5461
|
2024-11-21 11:12 |
2014-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277667
|
- |
|
werdswords
|
download_shortcode
|
Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file…
|
CWE-22
Path Traversal
|
CVE-2014-5465
|
2024-11-21 11:12 |
2014-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277668
|
- |
|
xrms_crm_project
|
xrms_crm
|
plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows remote authenticated users to execute arbitrary code via shell metacharacters in the username parameter.
|
CWE-89
SQL Injection
|
CVE-2014-5521
|
2024-11-21 11:12 |
2014-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277669
|
- |
|
hl7
|
c-cda
|
CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibility of invalid C-CDA documents with crafted XML attributes, which allows remote attackers to conduct XSS attacks via a document co…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5452
|
2024-11-21 11:12 |
2014-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277670
|
- |
|
linux
|
linux_kernel
|
The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service (unkillable mount process) via a crafted iso9660 ima…
|
CWE-20
Improper Input Validation
|
CVE-2014-5472
|
2024-11-21 11:12 |
2014-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
