|
276661
|
- |
|
redhat
|
cloudforms_3.1_management_engine
|
SQL injection vulnerability in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 allows remote authenticated users to execute arbitrary SQL commands via a crafted REST API request to an SQL filter.
|
CWE-89
SQL Injection
|
CVE-2014-7814
|
2024-11-21 11:18 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276662
|
- |
|
cisco
|
webex_meetings_server
|
Cisco WebEx Meetings Server 1.5 presents the same CAPTCHA challenge for each login attempt, which makes it easier for remote attackers to obtain access via a brute-force approach of guessing username…
|
CWE-255
Credentials Management
|
CVE-2014-8034
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276663
|
- |
|
cisco
|
identity_services_engine_software
|
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Identity Services Engine allow remote attackers to inject arbitrary web script or HTML via input to unspecified web pages, aka Bug IDs CSC…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8022
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276664
|
- |
|
hp
|
insight_control_server_deployment
|
Cross-site scripting (XSS) vulnerability in the server in HP Insight Control allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-7881
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276665
|
- |
|
litech
openstack
|
router_advertisement_daemon
neutron
|
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight …
|
CWE-20
Improper Input Validation
|
CVE-2014-8153
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276666
|
- |
|
apple
haxx
|
mac_os_x
libcurl
|
The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0, when using the DarwinSSL (aka SecureTransport) back-end for TLS, does not check if a cached TLS ses…
|
NVD-CWE-Other
|
CVE-2014-8151
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276667
|
- |
|
debian
haxx
canonical
|
debian_linux
libcurl
ubuntu_linux
|
CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v…
|
NVD-CWE-Other
|
CVE-2014-8150
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276668
|
- |
|
pods_foundation
|
pods
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Pods plugin before 2.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) cond…
|
CWE-352
Origin Validation Error
|
CVE-2014-7957
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276669
|
- |
|
podsfoundation
|
pods
|
Cross-site scripting (XSS) vulnerability in the Pods plugin before 2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter in an edit action in the pods …
|
CWE-79
Cross-site Scripting
|
CVE-2014-7956
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276670
|
- |
|
redhat
suse
|
spacewalk
satellite
manager
|
Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allows remote authenticated users to inject arbitrary web script or HTML via the System Groups f…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7812
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
