|
279381
|
- |
|
frontaccounting
|
frontaccounting
|
Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.3.21 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-3973
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279382
|
- |
|
redhat
linux
|
enterprise_linux
enterprise_mrg
linux_kernel
|
The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing cert…
|
CWE-362
Race Condition
|
CVE-2014-3940
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279383
|
- |
|
suse
redhat
linux
|
linux_enterprise_desktop
enterprise_linux
enterprise_mrg
linux_kernel
|
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel m…
|
CWE-200
Information Exposure
|
CVE-2014-3917
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279384
|
- |
|
samsung
|
ipolis_device_manager
|
Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote atta…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3912
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279385
|
- |
|
ipswitch
|
imail_server
|
Multiple cross-site scripting (XSS) vulnerabilities in the web client interface in Ipswitch IMail Server 12.3 and 12.4, possibly before 12.4.1.15, allow remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3878
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279386
|
- |
|
owncloud
|
owncloud
|
ownCloud Server before 6.0.1 does not properly check permissions, which allows remote authenticated users to access arbitrary preview pictures via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3963
|
2024-11-21 11:09 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279387
|
- |
|
videos_tube_project
|
videos_tube
|
Multiple SQL injection vulnerabilities in Videos Tube 1.0 allow remote attackers to execute arbitrary SQL commands via the url parameter to (1) videocat.php or (2) single.php.
|
CWE-89
SQL Injection
|
CVE-2014-3962
|
2024-11-21 11:09 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279388
|
- |
|
xnau
|
participants_database
|
SQL injection vulnerability in the Export CSV page in the Participants Database plugin before 1.5.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the query parameter i…
|
CWE-89
SQL Injection
|
CVE-2014-3961
|
2024-11-21 11:09 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279389
|
- |
|
opennms
|
opennms
|
Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before 1.12.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3960
|
2024-11-21 11:09 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279390
|
- |
|
jo_hasenau
|
gridelements
|
Cross-site scripting (XSS) vulnerability in the layout wizard in the Grid Elements (gridelements) extension before 1.5.1 and 2.0.x before 2.0.3 for TYPO3 allows remote authenticated backend users to …
|
CWE-79
Cross-site Scripting
|
CVE-2014-3949
|
2024-11-21 11:09 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
