|
280411
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in the quiz_question_tostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2571
|
2024-11-21 11:06 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280412
|
- |
|
php
canonical
suse
redhat
debian
oracle
|
php
ubuntu_linux
linux_enterprise_server
linux_enterprise_software_development_kit
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_…
|
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a c…
|
CWE-476
NULL Pointer Dereference
|
CVE-2014-2497
|
2024-11-21 11:06 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280413
|
- |
|
trojita_project
|
trojita
|
The OpenConnectionTask::handleStateHelper function in Imap/Tasks/OpenConnectionTask.cpp in Trojita before 0.4.1 allows man-in-the-middle attackers to trigger use of cleartext for saving a message int…
|
CWE-200
Information Exposure
|
CVE-2014-2567
|
2024-11-21 11:06 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280414
|
- |
|
sir
|
gnuboard
|
Multiple SQL injection vulnerabilities in bbs/ajax.autosave.php in GNUboard 5.x and possibly earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) subject or (2) cont…
|
CWE-89
SQL Injection
|
CVE-2014-2339
|
2024-11-21 11:06 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280415
|
- |
|
sophos
|
unified_threat_management_software
unified_threat_management
|
Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
|
CWE-399
Resource Management Errors
|
CVE-2014-2537
|
2024-11-21 11:06 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280416
|
- |
|
intel
mcafee
|
expressway_cloud_access_360
cloud_identity_manager
cloud_single_sign_on
|
Directory traversal vulnerability in McAfee Cloud Identity Manager 3.0, 3.1, and 3.5.1, McAfee Cloud Single Sign On (MCSSO) before 4.0.1, and Intel Expressway Cloud Access 360-SSO 2.1 and 2.5 allows …
|
CWE-22
Path Traversal
|
CVE-2014-2536
|
2024-11-21 11:06 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280417
|
- |
|
mcafee
|
web_gateway
|
Directory traversal vulnerability in McAfee Web Gateway (MWG) 7.4.x before 7.4.1, 7.3.x before 7.3.2.6, and 7.2.0.9 and earlier allows remote authenticated users to read arbitrary files via a crafted…
|
CWE-22
Path Traversal
|
CVE-2014-2535
|
2024-11-21 11:06 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280418
|
- |
|
blackberry
|
qnx_neutrino_rtos
|
/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading "bad parameter" lines in error messages, as demonstrated by reading the ro…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2534
|
2024-11-21 11:06 |
2014-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280419
|
- |
|
blackberry
|
qnx_neutrino_rtos
|
/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2533
|
2024-11-21 11:06 |
2014-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280420
|
4.9 |
MEDIUM
Network
|
oracle
openbsd
|
communications_user_data_repository
openssh
|
sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring locate…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2532
|
2024-11-21 11:06 |
2014-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
