|
279161
|
7.5 |
HIGH
Network
|
lg_project
|
lg
|
lg.pl in Cistron-LG 1.01 stores sensitive information under the web root with insufficient access controls, which allows remote attackers to obtain IP addresses and other unspecified router credentia…
|
CWE-284
Improper Access Control
|
CVE-2014-3930
|
2024-11-21 11:09 |
2017-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279162
|
7.5 |
HIGH
Network
|
lg_project
|
lg
|
The default configuration for Cougar-LG stores sensitive information under the web root with insufficient access control, which might allow remote attackers to obtain private ssh keys.
|
CWE-284
Improper Access Control
|
CVE-2014-3929
|
2024-11-21 11:09 |
2017-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279163
|
9.8 |
CRITICAL
Network
|
lg_project
|
lg
|
Cougar-LG stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain credentials.
|
CWE-284
Improper Access Control
|
CVE-2014-3928
|
2024-11-21 11:09 |
2017-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279164
|
9.8 |
CRITICAL
Network
|
mrlg4php_project
|
mrlg4php
|
mrlg-lib.php in mrlg4php before 1.0.8 allows remote attackers to execute arbitrary shell code.
|
CWE-94
Code Injection
|
CVE-2014-3927
|
2024-11-21 11:09 |
2017-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279165
|
6.1 |
MEDIUM
Network
|
lg_project
|
lg
|
Cross-site scripting (XSS) vulnerability in lg.cgi in Cougar LG 1.9 allows remote attackers to inject arbitrary web script or HTML via the "addr" parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3926
|
2024-11-21 11:09 |
2017-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279166
|
- |
|
oracle
|
peoplesoft_products
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 allows remote authenticated users to affect integrity via vectors related to PIA Core T…
|
NVD-CWE-noinfo
|
CVE-2014-4279
|
2024-11-21 11:09 |
2015-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279167
|
- |
|
oracle
|
oracle_and_sun_systems_product_suite
|
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.1 allows remote authenticated users to affect confidentiality, integrity, and availability vi…
|
NVD-CWE-noinfo
|
CVE-2014-4259
|
2024-11-21 11:09 |
2015-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279168
|
- |
|
mongodb
|
mongodb
|
The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) …
|
CWE-20
Improper Input Validation
|
CVE-2014-3971
|
2024-11-21 11:09 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279169
|
- |
|
linux
|
linux_kernel
|
drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain…
|
CWE-787
Out-of-bounds Write
|
CVE-2014-4322
|
2024-11-21 11:09 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279170
|
- |
|
linux
|
linux_kernel
|
The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and ot…
|
CWE-20
Improper Input Validation
|
CVE-2014-4323
|
2024-11-21 11:09 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
