|
279971
|
- |
|
microsoft
|
lync_server
|
The Response Group Service in Microsoft Lync Server 2010 and 2013 and the Core Components in Lync Server 2013 do not properly handle exceptions, which allows remote attackers to cause a denial of ser…
|
CWE-20
Improper Input Validation
|
CVE-2014-4068
|
2024-11-21 11:09 |
2014-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279972
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4065
|
2024-11-21 11:09 |
2014-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279973
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4059
|
2024-11-21 11:09 |
2014-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279974
|
- |
|
emurasoft
|
emftp
|
Emurasoft EmFTP allows local users to gain privileges via a Trojan horse executable file that is launched during an attempt to read a similarly named file that lacks a filename extension.
|
CWE-94
Code Injection
|
CVE-2014-3910
|
2024-11-21 11:09 |
2014-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279975
|
- |
|
falconsc
|
wisepoint
|
Session fixation vulnerability in Falcon WisePoint 4.1.19.7 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2014-3909
|
2024-11-21 11:09 |
2014-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279976
|
- |
|
hl7
|
c-cda
|
CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to discover potentially sensitive URLs via a crafted reference element that triggers creation of an IMG element with an arbitrary URL in i…
|
CWE-200
Information Exposure
|
CVE-2014-3862
|
2024-11-21 11:09 |
2014-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279977
|
- |
|
hl7
|
c-cda
|
Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody ele…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3861
|
2024-11-21 11:09 |
2014-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279978
|
- |
|
amazon
|
kindle
|
The Amazon.com Kindle application before 4.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive informat…
|
CWE-310
Cryptographic Issues
|
CVE-2014-3908
|
2024-11-21 11:09 |
2014-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279979
|
- |
|
vmware
|
vm-support
workstation
tools
|
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, uses 0644 permissions for the vm-support archive, which allows local users to obtain sensiti…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4200
|
2024-11-21 11:09 |
2014-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279980
|
- |
|
vmware
|
vm-support
workstation
tools
|
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp.
|
CWE-59
Link Following
|
CVE-2014-4199
|
2024-11-21 11:09 |
2014-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
