|
278221
|
- |
|
omeka
|
omeka
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new super user accou…
|
CWE-352
Origin Validation Error
|
CVE-2014-5100
|
2024-11-21 11:11 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278222
|
- |
|
reviewboard
|
review_board
|
Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via a query parameter to a diff frag…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5027
|
2024-11-21 11:11 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278223
|
- |
|
sonicwall
|
uma_em5000
global_management_system
analyzer
|
Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id pa…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5024
|
2024-11-21 11:11 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278224
|
- |
|
netbsd
eterna
|
netbsd
bozohttpd
|
bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme an…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5015
|
2024-11-21 11:11 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278225
|
- |
|
netgear
acme
dlink
|
wgr614
micro_httpd
mr-adsl-dg834
dsl2750u
dsl2740u
|
Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long strin…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4927
|
2024-11-21 11:11 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278226
|
- |
|
x
|
xf86-video-intel
|
Directory traversal vulnerability in tools/backlight_helper.c in X.Org xf86-video-intel 2.99.911 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the interface nam…
|
CWE-22
Path Traversal
|
CVE-2014-4910
|
2024-11-21 11:11 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278227
|
- |
|
tenable
|
nessus
web_ui
|
The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows remote attackers to obtain sensitive information via the token parameter.
|
CWE-200
Information Exposure
|
CVE-2014-4980
|
2024-11-21 11:11 |
2014-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278228
|
- |
|
citrix
|
xenserver
|
Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk (V…
|
NVD-CWE-noinfo
|
CVE-2014-4948
|
2024-11-21 11:11 |
2014-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278229
|
- |
|
citrix
|
xenserver
|
Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4947
|
2024-11-21 11:11 |
2014-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278230
|
- |
|
gitlist
|
gitlist
|
Repository.php in Gitter, as used in Gitlist, allows remote attackers with commit privileges to execute arbitrary commands via shell metacharacters in a branch name, as demonstrated by a "git checkou…
|
NVD-CWE-Other
|
CVE-2014-5023
|
2024-11-21 11:11 |
2014-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
