|
280211
|
- |
|
tibco
|
rendezvous
messaging_appliance
substantiation_es
|
The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance befo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2541
|
2024-11-21 11:06 |
2014-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280212
|
- |
|
microsoft
|
office
|
The XML parser in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013, and Office for Mac 2011, does not properly detect recursion during entity expansion, which allows remote attackers to cause a …
|
CWE-399
Resource Management Errors
|
CVE-2014-2730
|
2024-11-21 11:06 |
2014-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280213
|
- |
|
hp
|
icewall_sso_password_reset_option
icewall_identity_manager
|
Unspecified vulnerability in HP IceWall Identity Manager 4.0 through SP1 and 5.0 and IceWall SSO 10.0 Password Reset Option, when Apache Commons FileUpload is used, allows remote authenticated users …
|
NVD-CWE-noinfo
|
CVE-2014-2600
|
2024-11-21 11:06 |
2014-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280214
|
- |
|
xcloner
|
xcloner
|
Cross-site request forgery (CSRF) vulnerability in the XCloner plugin before 3.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that create websit…
|
CWE-352
Origin Validation Error
|
CVE-2014-2340
|
2024-11-21 11:06 |
2014-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280215
|
- |
|
postfix_admin_project
|
postfix_admin
|
SQL injection vulnerability in the gen_show_status function in functions.inc.php in Postfix Admin (aka postfixadmin) before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands v…
|
CWE-89
SQL Injection
|
CVE-2014-2655
|
2024-11-21 11:06 |
2014-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280216
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk before 5.0.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2578
|
2024-11-21 11:06 |
2014-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280217
|
- |
|
otrs
|
otrs
|
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote authenticated users to inject arbitrary we…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2553
|
2024-11-21 11:06 |
2014-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280218
|
- |
|
linux
fedoraproject
oracle
|
linux_kernel
fedora
linux
|
The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecifi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2014-2678
|
2024-11-21 11:06 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280219
|
- |
|
linux
|
linux_kernel
|
The arch_dup_task_struct function in the Transactional Memory (TM) implementation in arch/powerpc/kernel/process.c in the Linux kernel before 3.13.7 on the powerpc platform does not properly interact…
|
CWE-20
Improper Input Validation
|
CVE-2014-2673
|
2024-11-21 11:06 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280220
|
- |
|
linux
|
linux_kernel
|
Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a l…
|
CWE-362
Race Condition
|
CVE-2014-2672
|
2024-11-21 11:06 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
