|
279861
|
6.1 |
MEDIUM
Network
|
lg_project
|
lg
|
Cross-site scripting (XSS) vulnerability in lg.cgi in Cougar LG 1.9 allows remote attackers to inject arbitrary web script or HTML via the "addr" parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3926
|
2024-11-21 11:09 |
2017-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279862
|
- |
|
oracle
|
peoplesoft_products
|
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 allows remote authenticated users to affect integrity via vectors related to PIA Core T…
|
NVD-CWE-noinfo
|
CVE-2014-4279
|
2024-11-21 11:09 |
2015-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279863
|
- |
|
oracle
|
oracle_and_sun_systems_product_suite
|
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.1 allows remote authenticated users to affect confidentiality, integrity, and availability vi…
|
NVD-CWE-noinfo
|
CVE-2014-4259
|
2024-11-21 11:09 |
2015-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279864
|
- |
|
mongodb
|
mongodb
|
The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) …
|
CWE-20
Improper Input Validation
|
CVE-2014-3971
|
2024-11-21 11:09 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279865
|
- |
|
linux
|
linux_kernel
|
drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain…
|
CWE-787
Out-of-bounds Write
|
CVE-2014-4322
|
2024-11-21 11:09 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279866
|
- |
|
linux
|
linux_kernel
|
The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and ot…
|
CWE-20
Improper Input Validation
|
CVE-2014-4323
|
2024-11-21 11:09 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279867
|
- |
|
zohocorp
|
manageengine_password_manager_pro
manageengine_it360
|
SQL injection vulnerability in the MetadataServlet servlet in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition 5 through 7 build 7003, IT360 an…
|
CWE-89
SQL Injection
|
CVE-2014-3997
|
2024-11-21 11:09 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279868
|
- |
|
manageengine
|
it360
password_manager_pro
desktop_central
|
SQL injection vulnerability in the LinkViewFetchServlet servlet in ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90043, Password Manager…
|
CWE-89
SQL Injection
|
CVE-2014-3996
|
2024-11-21 11:09 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279869
|
- |
|
sunhater
|
kcfinder
|
Cross-site scripting (XSS) vulnerability in index.php in SunHater KCFinder 3.11 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) file or (2) directory (folder) name …
|
CWE-79
Cross-site Scripting
|
CVE-2014-3988
|
2024-11-21 11:09 |
2014-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279870
|
- |
|
rubyonrails
|
rails
|
The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string.
|
CWE-19
Data Processing Errors
|
CVE-2014-3916
|
2024-11-21 11:09 |
2014-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
