|
280771
|
- |
|
opensuse
logilab
|
opensuse
logilab-common
|
The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file.
|
NVD-CWE-noinfo
|
CVE-2014-1839
|
2024-11-21 11:05 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280772
|
- |
|
opensuse
logilab
|
opensuse
logilab-common
|
The (1) extract_keys_from_pdf and (2) fill_pdf functions in pdf_ext.py in logilab-commons before 0.61.0 allows local users to overwrite arbitrary files and possibly have other unspecified impact via …
|
CWE-59
Link Following
|
CVE-2014-1838
|
2024-11-21 11:05 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280773
|
- |
|
wireshark
|
wireshark
|
epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a deni…
|
NVD-CWE-Other
|
CVE-2014-2283
|
2024-11-21 11:05 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280774
|
- |
|
wireshark
|
wireshark
|
The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2282
|
2024-11-21 11:05 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280775
|
- |
|
wireshark
|
wireshark
|
The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which all…
|
CWE-20
Improper Input Validation
|
CVE-2014-2281
|
2024-11-21 11:05 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280776
|
- |
|
opendocman
|
opendocman
|
SQL injection vulnerability in ajax_udf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL commands via the add_value parameter.
|
CWE-89
SQL Injection
|
CVE-2014-1945
|
2024-11-21 11:05 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280777
|
- |
|
ilch
|
ilch_cms
|
Cross-site scripting (XSS) vulnerability in Ilch CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the text parameter to index.php/guestbook/index/newentry.
|
CWE-79
Cross-site Scripting
|
CVE-2014-1944
|
2024-11-21 11:05 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280778
|
- |
|
gnu
|
gnutls
|
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1959
|
2024-11-21 11:05 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280779
|
- |
|
videowhisper
|
live_streaming_integration_plugin
|
Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to (1) read arbitrary files via a .. (dot dot) in…
|
CWE-22
Path Traversal
|
CVE-2014-1907
|
2024-11-21 11:05 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280780
|
- |
|
videowhisper
|
live_streaming_integration_plugin
|
Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1906
|
2024-11-21 11:05 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
