|
278041
|
- |
|
brocade
|
vyatta_5400_vrouter_software
vyatta_5400_vrouter
|
The Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows attackers to obtain sensitive encrypted-password information by leveraging membership in the operator group.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4869
|
2024-11-21 11:11 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278042
|
- |
|
brocade
|
vyatta_5400_vrouter_software
vyatta_5400_vrouter
|
The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows remote authenticated users to execute arbitrary Linux commands via shell metacharacters in a console comma…
|
CWE-78
OS Command
|
CVE-2014-4868
|
2024-11-21 11:11 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278043
|
- |
|
content_audit_project
|
content_audit
|
SQL injection vulnerability in content-audit-schedule.php in the Content Audit plugin before 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the "Audited content typ…
|
CWE-89
SQL Injection
|
CVE-2014-5389
|
2024-11-21 11:11 |
2014-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278044
|
- |
|
rockwellautomation
|
ab_micrologix_controller
|
The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause…
|
CWE-399
Resource Management Errors
|
CVE-2014-5410
|
2024-11-21 11:11 |
2014-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278045
|
- |
|
drupal
|
drupal
|
modules/openid/xrds.inc in Drupal 6.x before 6.33 and 7.x before 7.31 allows remote attackers to have unspecified impact via a crafted DOCTYPE declaration in an XRDS document.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5267
|
2024-11-21 11:11 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278046
|
- |
|
telerik
|
asp.net_ajax_radeditor_control
|
Cross-site scripting (XSS) vulnerability in Telerik UI for ASP.NET AJAX RadEditor control 2014.1.403.35, 2009.3.1208.20, and other versions allows remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4958
|
2024-11-21 11:11 |
2014-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278047
|
- |
|
najeebmedia
|
n-media_file_uploader
|
Unrestricted file upload vulnerability in the N-Media file uploader plugin before 3.4 for WordPress allows remote authenticated users to execute arbitrary PHP code by leveraging Author privileges to …
|
CWE-94
Code Injection
|
CVE-2014-5324
|
2024-11-21 11:11 |
2014-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278048
|
- |
|
s-link
|
slfilemanager
|
Directory traversal vulnerability in the S-Link SLFileManager application 1.2.5 and earlier for Android allows remote attackers to write to files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2014-5319
|
2024-11-21 11:11 |
2014-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278049
|
- |
|
jig
|
jigbrowser\+
|
The jigbrowser+ application 1.8.1 and earlier for iOS allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5318
|
2024-11-21 11:11 |
2014-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278050
|
- |
|
adobe
|
coldfusion
acrobat
|
Cross-site scripting (XSS) vulnerability in the Help page in Adobe Acrobat 9.5.2 and earlier and ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspec…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5315
|
2024-11-21 11:11 |
2014-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
