|
279261
|
- |
|
disqus
|
disqus_comment_system
|
Cross-site scripting (XSS) vulnerability in upgrade.php in the Disqus Comment System plugin before 2.76 for WordPress allows remote attackers to inject arbitrary web script or HTML via the step param…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5345
|
2024-11-21 11:11 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279262
|
- |
|
mobiloud
|
mobiloud
|
Multiple cross-site scripting (XSS) vulnerabilities in the Mobiloud (mobiloud-mobile-app-plugin) plugin before 2.3.8 for WordPress allow remote attackers to inject arbitrary web script or HTML via un…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5344
|
2024-11-21 11:11 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279263
|
- |
|
fengoffice
|
feng_office
|
Cross-site scripting (XSS) vulnerability in Feng Office allows remote attackers to inject arbitrary web script or HTML via a client Name field.
|
CWE-79
Cross-site Scripting
|
CVE-2014-5343
|
2024-11-21 11:11 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279264
|
- |
|
debian
canonical
kde
|
kde4libs
ubuntu_linux
kdelibs
kauth
|
KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a Pol…
|
CWE-362
Race Condition
|
CVE-2014-5033
|
2024-11-21 11:11 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279265
|
- |
|
adobe
|
adobe_air
flash_player
adobe_air_sdk
|
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android,…
|
CWE-352
Origin Validation Error
|
CVE-2014-5333
|
2024-11-21 11:11 |
2014-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279266
|
- |
|
wordpress
drupal
debian
|
wordpress
drupal
debian_linux
|
The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, does not limit the number of elements in an XML document, which allows remote atta…
|
CWE-399
Resource Management Errors
|
CVE-2014-5266
|
2024-11-21 11:11 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279267
|
- |
|
wordpress
drupal
debian
|
wordpress
drupal
debian_linux
|
The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion,…
|
CWE-399
Resource Management Errors
|
CVE-2014-5265
|
2024-11-21 11:11 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279268
|
- |
|
wordpress
debian
|
wordpress
debian_linux
|
Cross-site scripting (XSS) vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2, when Multisite is enabled, allows remote authenticated administrators to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5240
|
2024-11-21 11:11 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279269
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount of a bind mount, which allows …
|
CWE-269
Improper Privilege Management
|
CVE-2014-5207
|
2024-11-21 11:11 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279270
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows local users to bypass an intend…
|
CWE-269
Improper Privilege Management
|
CVE-2014-5206
|
2024-11-21 11:11 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
