|
277261
|
- |
|
ricksoft
|
wbs_gantt-chart
|
Cross-site scripting (XSS) vulnerability in the output-page generator in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote authenticated users to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7267
|
2024-11-21 11:16 |
2014-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277262
|
- |
|
alliedtelesis
|
centrecom_ar415s_firmware
centrecom_ar415s
at-8624t\/2m_firmware
at-8624t\/2m
ar442s_firmware
ar442s
at-9924t_firmware
at-9924t
at-8848_firmware
at-8848
rapier_48i_firmw…
|
Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, Ce…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-7249
|
2024-11-21 11:16 |
2014-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277263
|
- |
|
tsutaya
|
tsutaya
|
The TSUTAYA application 5.3 and earlier for Android allows remote attackers to execute arbitrary Java methods via a crafted HTML document.
|
CWE-20
Improper Input Validation
|
CVE-2014-7241
|
2024-11-21 11:16 |
2014-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277264
|
- |
|
puppet
|
puppet_server
|
Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service.
|
CWE-362
Race Condition
|
CVE-2014-7170
|
2024-11-21 11:16 |
2014-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277265
|
- |
|
symantec
|
web_gateway
|
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP sc…
|
CWE-77
Command Injection
|
CVE-2014-7285
|
2024-11-21 11:16 |
2014-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277266
|
- |
|
k7computing
|
k7firewall_packet_driver
|
Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-7136
|
2024-11-21 11:16 |
2014-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277267
|
- |
|
linpha
|
linpha
|
Cross-site scripting (XSS) vulnerability in LinPHA allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-7265
|
2024-11-21 11:16 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277268
|
- |
|
bsd
freebsd
netbsd
openbsd
|
bsd
freebsd
netbsd
openbsd
|
The TCP stack in 4.3BSD Net/2, as used in FreeBSD 5.4, NetBSD possibly 2.0, and OpenBSD possibly 3.6, does not properly implement the session timer, which allows remote attackers to cause a denial of…
|
CWE-399
Resource Management Errors
|
CVE-2014-7250
|
2024-11-21 11:16 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277269
|
- |
|
ultrapop
|
i-httpd
|
Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261.
|
CWE-79
Cross-site Scripting
|
CVE-2014-7263
|
2024-11-21 11:16 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277270
|
- |
|
ultrapop
|
i-httpd
|
Cross-site scripting (XSS) vulnerability in the Omake BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string.
|
CWE-79
Cross-site Scripting
|
CVE-2014-7262
|
2024-11-21 11:16 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
