|
280251
|
- |
|
ruby-lang
|
ruby
|
The openssl extension in Ruby 2.x does not properly maintain the state of process memory after a file is reopened, which allows remote attackers to spoof signatures within the context of a Ruby scrip…
|
CWE-399
Resource Management Errors
|
CVE-2014-2734
|
2024-11-21 11:06 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280252
|
- |
|
hp
|
integrated_lights-out_2_firmware
|
The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 v…
|
NVD-CWE-noinfo
|
CVE-2014-2601
|
2024-11-21 11:06 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280253
|
- |
|
modx
|
modx_revolution
|
Multiple SQL injection vulnerabilities in MODX Revolution before 2.2.14 allow remote attackers to execute arbitrary SQL commands via the (1) session ID (PHPSESSID) to index.php or remote authenticate…
|
CWE-89
SQL Injection
|
CVE-2014-2736
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280254
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite 7.4.1 before 7.4.1-rev11 and 7.4.2 before 7.4.2-rev13 allows remote attackers to inject arbitrary web script or HTML via a Drive file…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2393
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280255
|
- |
|
open-xchange
|
open-xchange_appsuite
|
The E-Mail autoconfiguration feature in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 places a password in a GET request, which allows remote attack…
|
CWE-200
Information Exposure
|
CVE-2014-2392
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280256
|
- |
|
open-xchange
|
open-xchange_appsuite
|
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string represen…
|
CWE-200
Information Exposure
|
CVE-2014-2391
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280257
|
- |
|
cacti
debian
|
cacti
debian_linux
|
lib/rrd.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified parameters.
|
NVD-CWE-Other
|
CVE-2014-2709
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280258
|
- |
|
opensuse
otrs
|
opensuse
otrs
|
OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element.
|
CWE-20
Improper Input Validation
|
CVE-2014-2554
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280259
|
- |
|
cacti
fedoraproject
opensuse
debian
|
cacti
fedora
opensuse
debian_linux
|
lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-2328
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280260
|
- |
|
cacti
debian
opensuse
|
cacti
debian_linux
opensuse
|
Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users for unspecified commands, as demonstrated by request…
|
CWE-352
Origin Validation Error
|
CVE-2014-2327
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
