|
278261
|
- |
|
apple
|
mac_os_x
|
Buffer overflow in QuickTime in Apple OS X before 10.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted audio samples in an m4a file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4351
|
2024-11-21 11:10 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278262
|
- |
|
textpattern
|
textpattern
|
Cross-site scripting (XSS) vulnerability in Textpattern CMS before 4.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to setup/index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4737
|
2024-11-21 11:10 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278263
|
- |
|
ibm
|
websphere_portal
|
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0 through 8.5.0.0 CF02 allows remote authenticated users to dis…
|
CWE-200
Information Exposure
|
CVE-2014-4761
|
2024-11-21 11:10 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278264
|
- |
|
hp
|
records_manager
|
Cross-site scripting (XSS) vulnerability in HP Records Manager before 7.3.5 and 8.x before 8.1 Patch 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4661
|
2024-11-21 11:10 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278265
|
- |
|
ibm
|
business_process_manager
|
The Saved Search Admin component in the Process Admin Console in IBM Business Process Manager (BPM) 8.0 through 8.5.5 does not properly restrict task and instance listings in result sets, which allow…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4802
|
2024-11-21 11:10 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278266
|
- |
|
debian
|
apt-cacher
|
Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng 0.7.26 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-352
Origin Validation Error
|
CVE-2014-4510
|
2024-11-21 11:10 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278267
|
- |
|
ibm
|
security_access_manager_for_web_7.0_firmware
security_access_manager_for_web_appliance
security_access_manager_for_web_8.0_firmware
security_access_manager_for_mobile_8.0_firmware
securit…
|
The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM…
|
CWE-78
OS Command
|
CVE-2014-4823
|
2024-11-21 11:10 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278268
|
- |
|
ibm
|
security_access_manager_for_web_8.0_firmware
security_access_manager_for_web_appliance
security_access_manager_for_web_7.0_firmware
|
The WebSEAL component in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, when e-community SSO is enabled, allows remote attackers to cause a d…
|
NVD-CWE-noinfo
|
CVE-2014-4809
|
2024-11-21 11:10 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278269
|
- |
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 8.x before 8.0.0.1 does not properly enforce CHLAUTH rules for blocking client connections in certain circumstances related to the CONNAUTH attribute, which allows remote authenticat…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4793
|
2024-11-21 11:10 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278270
|
- |
|
ibm
|
maximo_asset_management
maximo_for_utilities
maximo_for_life_sciences
maximo_for_nuclear_power
maximo_for_oil_and_gas
tivoli_service_request_manager
maximo_for_transportation
sma…
|
IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5 through 7.5.0.6, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Managem…
|
CWE-200
Information Exposure
|
CVE-2014-4765
|
2024-11-21 11:10 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
