|
280131
|
- |
|
xen
|
xen
|
Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4021
|
2024-11-21 11:09 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280132
|
- |
|
wireshark
|
wireshark
|
wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash)…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4174
|
2024-11-21 11:09 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280133
|
- |
|
wireshark
|
wireshark
|
The dissect_frame function in epan/dissectors/packet-frame.c in the frame metadissector in Wireshark 1.10.x before 1.10.8 interprets a negative integer as a length value even though it was intended t…
|
CWE-189
Numeric Errors
|
CVE-2014-4020
|
2024-11-21 11:09 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280134
|
- |
|
nice
|
recording_express
|
Multiple cross-site scripting (XSS) vulnerabilities in NICE Recording eXpress (aka Cybertech eXpress) before 6.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) USRLNM par…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4308
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280135
|
- |
|
webtitan
|
webtitan
|
SQL injection vulnerability in categories-x.php in WebTitan before 4.04 allows remote attackers to execute arbitrary SQL commands via the sortkey parameter.
|
CWE-89
SQL Injection
|
CVE-2014-4307
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280136
|
- |
|
webtitan
|
webtitan
|
Directory traversal vulnerability in logs-x.php in WebTitan before 4.04 allows remote attackers to read arbitrary files via a .. (dot dot) in the logfile parameter in a download action.
|
CWE-22
Path Traversal
|
CVE-2014-4306
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280137
|
- |
|
openfiler
|
openfiler
|
Multiple cross-site scripting (XSS) vulnerabilities in Openfiler 2.99 allow remote attackers to inject arbitrary web script or HTML via the (1) TinkerAjax parameter to uptime.html, or remote authenti…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4309
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280138
|
- |
|
nice
|
recording_express
|
Multiple SQL injection vulnerabilities in NICE Recording eXpress (aka Cybertech eXpress) 6.5.7 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-4305
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280139
|
- |
|
sqlbuddy
|
sql_buddy
|
Cross-site scripting (XSS) vulnerability in browse.php in SQL Buddy 1.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the table parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4304
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280140
|
- |
|
drupac
|
touch
|
Multiple cross-site scripting (XSS) vulnerabilities in the Touch theme 7.x-1.x before 7.x-1.9 for Drupal allow remote authenticated users with the Administer themes permission to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4303
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
