|
277541
|
- |
|
zyxel
|
sbg3300-n_firmware
sbg3300-n
|
The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to cause a denial of service (persistent web-interface outage) via JavaScript co…
|
CWE-20
Improper Input Validation
|
CVE-2014-7278
|
2024-11-21 11:16 |
2014-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277542
|
- |
|
zyxel
|
sbg3300-n_firmware
sbg3300-n
|
Cross-site scripting (XSS) vulnerability in the login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7277
|
2024-11-21 11:16 |
2014-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277543
|
- |
|
phpmyadmin
|
phpmyadmin
|
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.4, 4.1.x before 4.1.14.5, and 4.2.x before 4.2.9.1 allow remote authenticated users to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7217
|
2024-11-21 11:16 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277544
|
- |
|
xen
|
xen
|
The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host cr…
|
CWE-399
Resource Management Errors
|
CVE-2014-7188
|
2024-11-21 11:16 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277545
|
- |
|
exinda
|
wan_optimization_suite
|
Cross-site request forgery (CSRF) vulnerability in Exinda WAN Optimization Suite 7.0.0 (2160) allows remote attackers to hijack the authentication of administrators for requests that change the admin…
|
CWE-352
Origin Validation Error
|
CVE-2014-7158
|
2024-11-21 11:16 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277546
|
- |
|
exinda
|
wan_optimization_suite
|
Cross-site scripting (XSS) vulnerability in Exinda WAN Optimization Suite 7.0.0 (2160) allows remote attackers to inject arbitrary web script or HTML via the tabsel parameter to admin/launch.
|
CWE-79
Cross-site Scripting
|
CVE-2014-7157
|
2024-11-21 11:16 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277547
|
- |
|
xen
|
xen
|
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7156
|
2024-11-21 11:16 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277548
|
- |
|
xen
debian
fedoraproject
opensuse
|
xen
debian_linux
fedora
opensuse
|
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7155
|
2024-11-21 11:16 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277549
|
- |
|
fedoraproject
debian
xen
opensuse
|
fedora
debian_linux
xen
opensuse
|
Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a d…
|
CWE-362
Race Condition
|
CVE-2014-7154
|
2024-11-21 11:16 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277550
|
- |
|
openstack
|
keystonemiddleware
python-keystoneclient
|
OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration (pa…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7144
|
2024-11-21 11:16 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
