|
281951
|
- |
|
xelerance
|
openswan
|
Openswan 2.6.40 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. NOTE: this vulnerability exists …
|
CWE-20
Improper Input Validation
|
CVE-2014-2037
|
2024-11-21 11:05 |
2014-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281952
|
- |
|
vtiger
|
vtiger_crm
|
views/Index.php in the Install module in vTiger 6.0 before Security Patch 2 does not properly restrict access, which allows remote attackers to re-install the application via a request that sets the …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2268
|
2024-11-21 11:05 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281953
|
- |
|
cisco
|
rv180_firmware
rv180
rv180w
rv120w_firmware
rv120w
rv220w_firmware
rv220w
|
The Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote attackers to upload files to arbitrary locations via a …
|
CWE-20
Improper Input Validation
|
CVE-2014-2179
|
2024-11-21 11:05 |
2014-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281954
|
- |
|
cisco
|
rv180_firmware
rv180
rv180w
rv220w_firmware
rv220w
rv120w_firmware
rv120w
|
Cross-site request forgery (CSRF) vulnerability in the administrative web interface in the Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 a…
|
CWE-352
Origin Validation Error
|
CVE-2014-2178
|
2024-11-21 11:05 |
2014-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281955
|
- |
|
cisco
|
rv120w_firmware
rv120w
rv220w_firmware
rv220w
rv180_firmware
rv180
rv180w
|
The network-diagnostics administration interface in the Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote aut…
|
CWE-94
Code Injection
|
CVE-2014-2177
|
2024-11-21 11:05 |
2014-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281956
|
- |
|
freeradius
|
freeradius
|
Stack-based buffer overflow in the normify function in the rlm_pap module (modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier, and 3.x, possibly 3.0.1 and earlier, might allow a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2015
|
2024-11-21 11:05 |
2014-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281957
|
- |
|
python-gnupg_project
|
python-gnupg
|
python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists b…
|
CWE-20
Improper Input Validation
|
CVE-2014-1929
|
2024-11-21 11:05 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281958
|
- |
|
python-gnupg_project
|
python-gnupg
|
The shell_quote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors,…
|
CWE-20
Improper Input Validation
|
CVE-2014-1928
|
2024-11-21 11:05 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281959
|
- |
|
python-gnupg_project
|
python-gnupg
|
The shell_quote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as …
|
CWE-20
Improper Input Validation
|
CVE-2014-1927
|
2024-11-21 11:05 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281960
|
- |
|
vbulletin
|
vbulletin
|
Cross-site scripting (XSS) vulnerability in admincp/apilog.php in vBulletin 4.2.2 and earlier, and 5.0.x through 5.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a c…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2021
|
2024-11-21 11:05 |
2014-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
