|
279351
|
- |
|
sonicwall
|
uma_em5000
global_management_system
analyzer
|
Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id pa…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5024
|
2024-11-21 11:11 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279352
|
- |
|
netbsd
eterna
|
netbsd
bozohttpd
|
bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme an…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5015
|
2024-11-21 11:11 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279353
|
- |
|
netgear
acme
dlink
|
wgr614
micro_httpd
mr-adsl-dg834
dsl2750u
dsl2740u
|
Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long strin…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4927
|
2024-11-21 11:11 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279354
|
- |
|
x
|
xf86-video-intel
|
Directory traversal vulnerability in tools/backlight_helper.c in X.Org xf86-video-intel 2.99.911 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the interface nam…
|
CWE-22
Path Traversal
|
CVE-2014-4910
|
2024-11-21 11:11 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279355
|
- |
|
tenable
|
nessus
web_ui
|
The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows remote attackers to obtain sensitive information via the token parameter.
|
CWE-200
Information Exposure
|
CVE-2014-4980
|
2024-11-21 11:11 |
2014-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279356
|
- |
|
citrix
|
xenserver
|
Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk (V…
|
NVD-CWE-noinfo
|
CVE-2014-4948
|
2024-11-21 11:11 |
2014-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279357
|
- |
|
citrix
|
xenserver
|
Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4947
|
2024-11-21 11:11 |
2014-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279358
|
- |
|
gitlist
|
gitlist
|
Repository.php in Gitter, as used in Gitlist, allows remote attackers with commit privileges to execute arbitrary commands via shell metacharacters in a branch name, as demonstrated by a "git checkou…
|
NVD-CWE-Other
|
CVE-2014-5023
|
2024-11-21 11:11 |
2014-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279359
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote attackers to inject arbitrary web script or HTML via vectors involving forms with an Ajax-enabled t…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5022
|
2024-11-21 11:11 |
2014-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279360
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject a…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5021
|
2024-11-21 11:11 |
2014-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
