|
279851
|
5.3 |
MEDIUM
Network
|
apexis
|
apm-j601-ws_firmware
|
Directory traversal vulnerability in Apexis APM-J601-WS cameras with firmware before 17.35.2.49 allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2014-3972
|
2024-11-21 11:09 |
2018-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279852
|
7.5 |
HIGH
Network
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4145
|
2024-11-21 11:09 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279853
|
7.5 |
HIGH
Network
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4112
|
2024-11-21 11:09 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279854
|
7.5 |
HIGH
Network
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4066
|
2024-11-21 11:09 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279855
|
8.8 |
HIGH
Network
|
cacti
|
cacti
|
Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserialize(stripslashe…
|
CWE-94
Code Injection
|
CVE-2014-4000
|
2024-11-21 11:09 |
2017-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279856
|
5.4 |
MEDIUM
Network
|
iodata
|
rockdisk_firmware
|
Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3887
|
2024-11-21 11:09 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279857
|
7.5 |
HIGH
Network
|
lg_project
|
lg
|
lg.pl in Cistron-LG 1.01 stores sensitive information under the web root with insufficient access controls, which allows remote attackers to obtain IP addresses and other unspecified router credentia…
|
CWE-284
Improper Access Control
|
CVE-2014-3930
|
2024-11-21 11:09 |
2017-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279858
|
7.5 |
HIGH
Network
|
lg_project
|
lg
|
The default configuration for Cougar-LG stores sensitive information under the web root with insufficient access control, which might allow remote attackers to obtain private ssh keys.
|
CWE-284
Improper Access Control
|
CVE-2014-3929
|
2024-11-21 11:09 |
2017-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279859
|
9.8 |
CRITICAL
Network
|
lg_project
|
lg
|
Cougar-LG stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain credentials.
|
CWE-284
Improper Access Control
|
CVE-2014-3928
|
2024-11-21 11:09 |
2017-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279860
|
9.8 |
CRITICAL
Network
|
mrlg4php_project
|
mrlg4php
|
mrlg-lib.php in mrlg4php before 1.0.8 allows remote attackers to execute arbitrary shell code.
|
CWE-94
Code Injection
|
CVE-2014-3927
|
2024-11-21 11:09 |
2017-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
