|
280821
|
- |
|
icinga
nagios
|
icinga
nagios
|
Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote att…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1878
|
2024-11-21 11:05 |
2014-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280822
|
- |
|
linux
|
linux_kernel
|
arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service (sy…
|
CWE-20
Improper Input Validation
|
CVE-2014-2039
|
2024-11-21 11:05 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280823
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows …
|
CWE-200
Information Exposure
|
CVE-2014-2038
|
2024-11-21 11:05 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280824
|
- |
|
linux
suse
canonical
|
linux_kernel
linux_enterprise_server
ubuntu_linux
|
The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_…
|
CWE-20
Improper Input Validation
|
CVE-2014-1874
|
2024-11-21 11:05 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280825
|
- |
|
cisco
|
intrusion_prevention_system
|
Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.
|
CWE-20
Improper Input Validation
|
CVE-2014-2103
|
2024-11-21 11:05 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280826
|
- |
|
i-doit
|
i-doit
|
Cross-site scripting (XSS) vulnerability in the API in synetics i-doit pro before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via a property title.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2231
|
2024-11-21 11:05 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280827
|
- |
|
interworx
|
web_control_panel
|
Cross-site scripting (XSS) vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.13 build 574 allows remote attackers to inject arb…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2035
|
2024-11-21 11:05 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280828
|
- |
|
adrotateplugin
|
adrotate
|
SQL injection vulnerability in library/clicktracker.php in the AdRotate Pro plugin 3.9 through 3.9.5 and AdRotate Free plugin 3.9 through 3.9.4 for WordPress allows remote attackers to execute arbitr…
|
CWE-89
SQL Injection
|
CVE-2014-1854
|
2024-11-21 11:05 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280829
|
- |
|
tibco
|
enterprise_administrator_sdk
enterprise_administrator
|
TIBCO Enterprise Administrator 1.0.0 and Enterprise Administrator SDK 1.0.0 do not properly enforce administrative authentication requirements, which allows remote attackers to execute arbitrary comm…
|
CWE-287
Improper Authentication
|
CVE-2014-2075
|
2024-11-21 11:05 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280830
|
- |
|
cisco
|
unified_contact_center_express_editor_software
|
Cisco Unified Contact Center Express (Unified CCX) does not properly restrict the content of the CCMConfig page, which allows remote authenticated users to obtain sensitive information by examining t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2102
|
2024-11-21 11:05 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
