|
279931
|
- |
|
westerndigital
|
arkeia_virtual_appliance_firmware
|
Directory traversal vulnerability in opt/arkeia/wui/htdocs/index.php in the WD Arkeia virtual appliance (AVA) with firmware before 10.2.9 allows remote attackers to read arbitrary files and execute a…
|
CWE-22
Path Traversal
|
CVE-2014-2846
|
2024-11-21 11:07 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279932
|
- |
|
pythonware
python
|
python_imaging_library
pillow
|
Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possib…
|
CWE-78
OS Command
|
CVE-2014-3007
|
2024-11-21 11:07 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279933
|
- |
|
acunetix
|
web_vulnerability_scanner
|
Stack-based buffer overflow in Acunetix Web Vulnerability Scanner (WVS) 8 build 20120704 allows remote attackers to execute arbitrary code via an HTML file containing an IMG element with a long URL (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2994
|
2024-11-21 11:07 |
2014-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279934
|
- |
|
linux
|
linux_kernel
|
Off-by-one error in the bpf_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 3.1.8, when BPF JIT is enabled, allows local users to cause a denial of service (system cras…
|
CWE-189
Numeric Errors
|
CVE-2014-2889
|
2024-11-21 11:07 |
2014-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279935
|
- |
|
birebin
|
birebin.com_app
|
The Birebin.com application for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted c…
|
CWE-310
Cryptographic Issues
|
CVE-2014-2993
|
2024-11-21 11:07 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279936
|
- |
|
misli
|
misli.com_app
|
The Misli.com application for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted cer…
|
CWE-310
Cryptographic Issues
|
CVE-2014-2992
|
2024-11-21 11:07 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279937
|
- |
|
xcloner
|
xcloner
|
XCloner Standalone 3.5 and earlier, when enable_db_backup and sql_mem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackup_co…
|
CWE-94
Code Injection
|
CVE-2014-2996
|
2024-11-21 11:07 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279938
|
- |
|
siemens
|
simatic_s7_cpu_1200_firmware
simatic_s7_cpu-1211c
simatic_s7_cpu_1212c
simatic_s7_cpu_1214c
simatic_s7_cpu_1215c
simatic_s7_cpu_1217c
|
CRLF injection vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary HTTP headers via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2014-2909
|
2024-11-21 11:07 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279939
|
- |
|
siemens
|
simatic_s7_cpu_1200_firmware
simatic_s7_cpu-1211c
simatic_s7_cpu_1212c
simatic_s7_cpu_1214c
simatic_s7_cpu_1215c
simatic_s7_cpu_1217c
|
Cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary web script or HTML via unspecified…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2908
|
2024-11-21 11:07 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279940
|
- |
|
xen
|
xen
|
Xen 4.4.x, when running on ARM systems, does not properly restrict access to hardware features, which allows local guest users to cause a denial of service (host or guest crash) via unspecified vecto…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2915
|
2024-11-21 11:07 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
