|
276911
|
- |
|
symantec
|
web_gateway
|
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP sc…
|
CWE-77
Command Injection
|
CVE-2014-7285
|
2024-11-21 11:16 |
2014-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276912
|
- |
|
k7computing
|
k7firewall_packet_driver
|
Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-7136
|
2024-11-21 11:16 |
2014-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276913
|
- |
|
linpha
|
linpha
|
Cross-site scripting (XSS) vulnerability in LinPHA allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-7265
|
2024-11-21 11:16 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276914
|
- |
|
bsd
freebsd
netbsd
openbsd
|
bsd
freebsd
netbsd
openbsd
|
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of…
|
CWE-399
Resource Management Errors
|
CVE-2014-7250
|
2024-11-21 11:16 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276915
|
- |
|
ultrapop
|
i-httpd
|
Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261.
|
CWE-79
Cross-site Scripting
|
CVE-2014-7263
|
2024-11-21 11:16 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276916
|
- |
|
ultrapop
|
i-httpd
|
Cross-site scripting (XSS) vulnerability in the Omake BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string.
|
CWE-79
Cross-site Scripting
|
CVE-2014-7262
|
2024-11-21 11:16 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276917
|
- |
|
ultrapop
|
i-httpd
|
Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string that is improperly rendered during construction of …
|
CWE-79
Cross-site Scripting
|
CVE-2014-7261
|
2024-11-21 11:16 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276918
|
- |
|
ultrapop
|
i-httpd
|
The Server Side Includes (SSI) implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in S…
|
CWE-94
Code Injection
|
CVE-2014-7260
|
2024-11-21 11:16 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276919
|
- |
|
chyrp
|
chyrp
|
Multiple cross-site scripting (XSS) vulnerabilities in admin/themes/default/pages/manage_users.twig in the Users Management feature in the admin component in Chyrp before 2.5.1 allow remote authentic…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7264
|
2024-11-21 11:16 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276920
|
- |
|
joyent
|
node.js
|
Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to exec…
|
CWE-94
Code Injection
|
CVE-2014-7192
|
2024-11-21 11:16 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
