|
279171
|
- |
|
zohocorp
|
manageengine_password_manager_pro
manageengine_it360
|
SQL injection vulnerability in the MetadataServlet servlet in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition 5 through 7 build 7003, IT360 an…
|
CWE-89
SQL Injection
|
CVE-2014-3997
|
2024-11-21 11:09 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279172
|
- |
|
manageengine
|
it360
password_manager_pro
desktop_central
|
SQL injection vulnerability in the LinkViewFetchServlet servlet in ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90043, Password Manager…
|
CWE-89
SQL Injection
|
CVE-2014-3996
|
2024-11-21 11:09 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279173
|
- |
|
sunhater
|
kcfinder
|
Cross-site scripting (XSS) vulnerability in index.php in SunHater KCFinder 3.11 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) file or (2) directory (folder) name …
|
CWE-79
Cross-site Scripting
|
CVE-2014-3988
|
2024-11-21 11:09 |
2014-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279174
|
- |
|
rubyonrails
|
rails
|
The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string.
|
CWE-19
Data Processing Errors
|
CVE-2014-3916
|
2024-11-21 11:09 |
2014-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279175
|
- |
|
microsoft
|
.net_framework
|
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted d…
|
CWE-20
Improper Input Validation
|
CVE-2014-4149
|
2024-11-21 11:09 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279176
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
|
CWE-399
Resource Management Errors
|
CVE-2014-4143
|
2024-11-21 11:09 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279177
|
- |
|
microsoft
|
windows_server_2008
windows_server_2012
windows_rt
windows_8.1
windows_7
windows_rt_8.1
windows_vista
windows_8
windows_server_2003
|
XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, …
|
CWE-94
Code Injection
|
CVE-2014-4118
|
2024-11-21 11:09 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279178
|
- |
|
microsoft
|
sharepoint_foundation
|
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2 allows remote authenticated users to inject arbitrary web script or HTML via a modified list, aka "SharePoint Elev…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4116
|
2024-11-21 11:09 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279179
|
- |
|
microsoft
|
internet_information_services
|
The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4078
|
2024-11-21 11:09 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279180
|
- |
|
microsoft
|
windows_server_2003
|
Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4076
|
2024-11-21 11:09 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
