|
277981
|
- |
|
eucalyptus
|
eucalyptus
|
Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files.
|
CWE-200
Information Exposure
|
CVE-2014-5038
|
2024-11-21 11:11 |
2014-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277982
|
- |
|
eucalyptus
|
eucalyptus
|
Eucalyptus 4.0.0 through 4.0.1, when the log level is set to INFO, logs user and system passwords, which allows local users to obtain sensitive information by reading cloud-requests.log.
|
CWE-200
Information Exposure
|
CVE-2014-5037
|
2024-11-21 11:11 |
2014-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277983
|
- |
|
webedition
|
webedition_cms
|
Directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2014-5258
|
2024-11-21 11:11 |
2014-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277984
|
- |
|
formalms
|
formalms
|
Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms before 1.2.1 p01 allow remote attackers to inject arbitrary web script or HTML via the (1) id_custom parameter in an amanmenu request …
|
CWE-79
Cross-site Scripting
|
CVE-2014-5257
|
2024-11-21 11:11 |
2014-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277985
|
- |
|
nordex
|
nordex_control_2_scada
|
Cross-site scripting (XSS) vulnerability in the login script in the Wind Farm Portal on Nordex Control 2 (NC2) SCADA devices 15 and earlier allows remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5408
|
2024-11-21 11:11 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277986
|
- |
|
eset
|
personal_firewall_ndis_filter
|
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local us…
|
CWE-200
Information Exposure
|
CVE-2014-4974
|
2024-11-21 11:11 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277987
|
- |
|
expressionengine
ellislab
|
expressionengine
|
Multiple SQL injection vulnerabilities in EllisLab ExpressionEngine before 2.9.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) column_filter or (2) category[] paramet…
|
CWE-89
SQL Injection
|
CVE-2014-5387
|
2024-11-21 11:11 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277988
|
- |
|
ffmpeg
|
ffmpeg
|
libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2.3.2 allows remote attackers to have unspecified impact via a crafted iff image, which triggers an …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5272
|
2024-11-21 11:11 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277989
|
- |
|
ffmpeg
libav
|
ffmpeg
libav
|
Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 al…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5271
|
2024-11-21 11:11 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277990
|
- |
|
gnu
|
wget
|
Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequently execute arbitrary code, via a LIST re…
|
CWE-22
Path Traversal
|
CVE-2014-4877
|
2024-11-21 11:11 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
