|
280671
|
- |
|
citrix
|
sharefile_mobile_for_tablets
sharefile_mobile
|
Citrix ShareFile Mobile and ShareFile Mobile for Tablets before 2.4.4 for Android do not verify X.509 certificates from SSL servers, which allow man-in-the-middle attackers to spoof servers and obtai…
|
CWE-310
Cryptographic Issues
|
CVE-2014-1910
|
2024-11-21 11:05 |
2014-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280672
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action.
|
CWE-79
Cross-site Scripting
|
CVE-2014-1879
|
2024-11-21 11:05 |
2014-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280673
|
- |
|
fine_free_file_project
php
canonical
debian
|
fine_free_file
php
ubuntu_linux
debian_linux
|
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2014-1943
|
2024-11-21 11:05 |
2014-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280674
|
- |
|
php
|
php
|
ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric …
|
CWE-189
Numeric Errors
|
CVE-2014-2020
|
2024-11-21 11:05 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280675
|
4.6 |
MEDIUM
Physics
|
apple
|
iphone_os
|
The iCloud subsystem in Apple iOS before 7.1 allows physically proximate attackers to bypass an intended password requirement, and turn off the Find My iPhone service or complete a Delete Account act…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2019
|
2024-11-21 11:05 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280676
|
- |
|
freepbx
sangoma
|
freepbx
|
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the A…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1903
|
2024-11-21 11:05 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280677
|
- |
|
jetroplatforms
|
jetro_cockpit_secure_browsing
|
The client in Jetro COCKPIT Secure Browsing (JCSB) 4.3.1 and 4.3.3 does not validate the FileName element in an RDP_FILE_TRANSFER document, which allows remote JCSB servers to execute arbitrary progr…
|
CWE-20
Improper Input Validation
|
CVE-2014-1861
|
2024-11-21 11:05 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280678
|
- |
|
mozilla
|
thunderbird_esr
thunderbird
seamonkey
|
Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2018
|
2024-11-21 11:05 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280679
|
- |
|
sap
|
netweaver
|
Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetW…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1965
|
2024-11-21 11:05 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280680
|
- |
|
sap
|
netweaver
netweaver_exchange_infrastructure_\(bc-xi\)
|
Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2014-1964
|
2024-11-21 11:05 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
