|
276421
|
- |
|
php
file_project
|
php
file
|
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain strin…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9652
|
2024-11-21 11:21 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276422
|
- |
|
websense
|
v-series_appliances
|
Websense TRITON V-Series appliances before 7.8.3 Hotfix 03 and 7.8.4 before Hotfix 01 allow remote administrators to read arbitrary files and obtain passwords via a crafted path.
|
CWE-200
Information Exposure
|
CVE-2014-9712
|
2024-11-21 11:21 |
2015-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276423
|
- |
|
websense
|
triton_web_security_gateway
triton_web_security_gateway_anywhere
triton_web_filter
triton_web_security
triton_ap_web
|
Multiple cross-site scripting (XSS) vulnerabilities in the Investigative Reports in Websense TRITON AP-WEB before 8.0.0 and Web Security and Filter, Web Security Gateway, and Web Security Gateway Any…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9711
|
2024-11-21 11:21 |
2015-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276424
|
- |
|
ecryptfs
|
ecryptfs-utils
|
eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.
|
CWE-255
Credentials Management
|
CVE-2014-9687
|
2024-11-21 11:21 |
2015-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276425
|
- |
|
solarwinds
|
orion_netflow_traffic_analyzer
orion_web_performance_monitor
orion_network_configuration_manager
orion_user_device_tracker
orion_ip_address_manager
orion_voip_\&_network_quality_ma…
|
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform 2015.1, as used in Network Performance Monitor (NPM) before 1…
|
CWE-89
SQL Injection
|
CVE-2014-9566
|
2024-11-21 11:21 |
2015-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276426
|
- |
|
google
|
chrome
|
content/renderer/device_sensors/device_orientation_event_pump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate gyroscope data, which makes it easier for remote a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9689
|
2024-11-21 11:21 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276427
|
- |
|
ninjaforms
|
ninja_forms
|
Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.
|
NVD-CWE-noinfo
|
CVE-2014-9688
|
2024-11-21 11:21 |
2015-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276428
|
- |
|
canonical
linux
|
ubuntu_linux
linux_kernel
|
Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buf…
|
CWE-189
Numeric Errors
|
CVE-2014-9683
|
2024-11-21 11:21 |
2015-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276429
|
- |
|
linux
debian
canonical
oracle
|
linux_kernel
debian_linux
ubuntu_linux
linux
|
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the…
|
CWE-269
Improper Privilege Management
|
CVE-2014-9644
|
2024-11-21 11:21 |
2015-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276430
|
- |
|
dns-sync_project
|
dns-sync
|
The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.
|
CWE-77
Command Injection
|
CVE-2014-9682
|
2024-11-21 11:21 |
2015-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
