|
280511
|
- |
|
freeradius
|
freeradius
|
Stack-based buffer overflow in the normify function in the rlm_pap module (modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier, and 3.x, possibly 3.0.1 and earlier, might allow a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2015
|
2024-11-21 11:05 |
2014-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280512
|
- |
|
python-gnupg_project
|
python-gnupg
|
python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists b…
|
CWE-20
Improper Input Validation
|
CVE-2014-1929
|
2024-11-21 11:05 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280513
|
- |
|
python-gnupg_project
|
python-gnupg
|
The shell_quote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors,…
|
CWE-20
Improper Input Validation
|
CVE-2014-1928
|
2024-11-21 11:05 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280514
|
- |
|
python-gnupg_project
|
python-gnupg
|
The shell_quote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as …
|
CWE-20
Improper Input Validation
|
CVE-2014-1927
|
2024-11-21 11:05 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280515
|
- |
|
vbulletin
|
vbulletin
|
Cross-site scripting (XSS) vulnerability in admincp/apilog.php in vBulletin 4.2.2 and earlier, and 5.0.x through 5.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a c…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2021
|
2024-11-21 11:05 |
2014-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280516
|
- |
|
openx
|
openx
|
Open redirect vulnerability in the header function in adclick.php in OpenX 2.8.10 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL i…
|
NVD-CWE-Other
|
CVE-2014-2230
|
2024-11-21 11:05 |
2014-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280517
|
- |
|
iii
|
vtls-virtua
|
Multiple SQL injection vulnerabilities in the login in web_reports/cgi-bin/InfoStation.cgi in Innovative vtls-Virtua before 2013.2.4 and 2014.x before 2014.1.1 allow remote attackers to execute arbit…
|
CWE-89
SQL Injection
|
CVE-2014-2081
|
2024-11-21 11:05 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280518
|
- |
|
seeddms
|
seeddms
|
Multiple directory traversal vulnerabilities in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allow (1) remote authenticated users with access to the LogManagement functionality to read arbitrary…
|
CWE-22
Path Traversal
|
CVE-2014-2279
|
2024-11-21 11:05 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280519
|
- |
|
seeddms
|
seeddms
|
Unrestricted file upload vulnerability in op/op.AddFile2.php in SeedDMS (formerly LetoDMS and MyDMS) before 4.3.4 allows remote attackers to execute arbitrary code by uploading a file with an executa…
|
CWE-20
Improper Input Validation
|
CVE-2014-2278
|
2024-11-21 11:05 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280520
|
- |
|
jenkins
|
jenkins
|
The doIndex function in hudson/util/RemotingDiagnostics.java in CloudBees Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users with the ADMINISTER permission to obtain sensit…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2068
|
2024-11-21 11:05 |
2014-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
