|
277971
|
- |
|
open-xchange
|
app_suite
|
Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allows remote attackers to trigger re…
|
NVD-CWE-Other
|
CVE-2014-5237
|
2024-11-21 11:11 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277972
|
- |
|
lwip_project
|
lwip
|
resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2014-4883
|
2024-11-21 11:11 |
2014-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277973
|
- |
|
directwebremoting
|
direct_web_remoting
|
Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-5326
|
2024-11-21 11:11 |
2014-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277974
|
- |
|
directwebremoting
|
direct_web_remoting
|
The (1) DOMConverter, (2) JDOMConverter, (3) DOM4JConverter, and (4) XOMConverter functions in Direct Web Remoting (DWR) through 2.0.10 and 3.x through 3.0.RC2 allow remote attackers to read arbitrar…
|
CWE-200
Information Exposure
|
CVE-2014-5325
|
2024-11-21 11:11 |
2014-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277975
|
- |
|
cybozu
|
office
dezie
mailwise
|
Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5314
|
2024-11-21 11:11 |
2014-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277976
|
- |
|
huawei
|
e5180s-22_firmware
e3276_firmware
e3236_firmware
e586bs-2_firmware
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276 and E3236 TCPU before V200R002B470D13SP00C00 and WebUI before V100R007B100D03SP01C03, E5180s-22 before 21.270.21.00.0…
|
CWE-352
Origin Validation Error
|
CVE-2014-5395
|
2024-11-21 11:11 |
2014-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277977
|
- |
|
arubanetworks
|
clearpass
|
Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2014-6627.
|
NVD-CWE-noinfo
|
CVE-2014-5342
|
2024-11-21 11:11 |
2014-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277978
|
- |
|
docker
|
docker
docker-py
|
Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain auth…
|
CWE-17
Code
|
CVE-2014-5277
|
2024-11-21 11:11 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277979
|
- |
|
qemu
canonical
|
qemu
ubuntu_linux
|
Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact relate…
|
CWE-193
Off-by-one Error
|
CVE-2014-5388
|
2024-11-21 11:11 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277980
|
- |
|
ruby-lang
redhat
debian
canonical
|
ruby
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
debian_linux
ubuntu_linux
|
Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4975
|
2024-11-21 11:11 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
