|
279151
|
5.5 |
MEDIUM
Local
|
s48
|
scheme48
|
The scheme48-send-definition function in cmuscheme48.el in Scheme 48 allows local users to write to arbitrary files via a symlink attack on /tmp/s48lose.tmp.
|
CWE-59
Link Following
|
CVE-2014-4150
|
2024-11-21 11:09 |
2018-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279152
|
8.1 |
HIGH
Network
|
horde
|
horde_ldap
|
The Horde_Ldap library before 2.0.6 for Horde allows remote attackers to bypass authentication by leveraging knowledge of the LDAP bind user DN.
|
CWE-287
Improper Authentication
|
CVE-2014-3999
|
2024-11-21 11:09 |
2018-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279153
|
9.8 |
CRITICAL
Network
|
opencart
|
opencart
|
The Cart::getProducts method in system/library/cart.php in OpenCart 1.5.6.4 and earlier allows remote attackers to conduct server-side request forgery (SSRF) attacks or possibly conduct XML External …
|
CWE-611
CWE-918
XXE
Server-Side Request Forgery (SSRF)
|
CVE-2014-3990
|
2024-11-21 11:09 |
2018-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279154
|
5.9 |
MEDIUM
Network
|
f5
|
big-ip_local_traffic_manager
big-ip_application_acceleration_manager
big-ip_advanced_firewall_manager
big-ip_analytics
big-ip_access_policy_manager
big-ip_application_security_manager<…
|
SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used…
|
CWE-200
Information Exposure
|
CVE-2014-4024
|
2024-11-21 11:09 |
2018-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279155
|
5.3 |
MEDIUM
Network
|
apexis
|
apm-j601-ws_firmware
|
Directory traversal vulnerability in Apexis APM-J601-WS cameras with firmware before 17.35.2.49 allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2014-3972
|
2024-11-21 11:09 |
2018-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279156
|
7.5 |
HIGH
Network
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4145
|
2024-11-21 11:09 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279157
|
7.5 |
HIGH
Network
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4112
|
2024-11-21 11:09 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279158
|
7.5 |
HIGH
Network
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4066
|
2024-11-21 11:09 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279159
|
8.8 |
HIGH
Network
|
cacti
|
cacti
|
Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashe…
|
CWE-94
Code Injection
|
CVE-2014-4000
|
2024-11-21 11:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279160
|
5.4 |
MEDIUM
Network
|
iodata
|
rockdisk_firmware
|
Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3887
|
2024-11-21 11:09 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
