|
280141
|
- |
|
ham3d
|
ham3d_shop_engine
|
Cross-site scripting (XSS) vulnerability in rating/rating.php in HAM3D Shop Engine allows remote attackers to inject arbitrary web script or HTML via the ID parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4302
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280142
|
- |
|
ajenti
|
ajenti
|
Multiple cross-site scripting (XSS) vulnerabilities in the respond_error function in routing.py in Eugene Pankov Ajenti before 1.2.21.7 allow remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4301
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280143
|
- |
|
ulli_horlacher
|
fex
|
Incomplete blacklist vulnerability in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allows remote attackers to conduct cross-site scripting (XSS) attacks via the addto parameter to fu…
|
NVD-CWE-Other
|
CVE-2014-3877
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280144
|
- |
|
ulli_horlacher
|
fex
|
Multiple cross-site scripting (XSS) vulnerabilities in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allow remote attackers to inject arbitrary web script or HTML via the (1) akey par…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3876
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280145
|
- |
|
dell
|
bsafe_share
|
The TLS implementation in EMC RSA BSAFE-Java Toolkits (aka Share for Java) supports the Extended Random extension during use of the Dual_EC_DRBG algorithm, which makes it easier for remote attackers …
|
CWE-310
Cryptographic Issues
|
CVE-2014-4193
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280146
|
- |
|
dell
|
bsafe_share
|
The Dual_EC_DRBG implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) processes certain requests for output bytes by considering only the requested byte count and not the use of cache…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4192
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280147
|
- |
|
dell
|
bsafe_share
|
The TLS implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) sends a long series of random bytes during use of the Dual_EC_DRBG algorithm, which makes it easier for remote attackers t…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4191
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280148
|
- |
|
powerpc-utils_project
|
powerpc-utils
|
snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passw…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4040
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280149
|
- |
|
redhat
ppc64-diag_project
suse
|
enterprise_linux_server
ppc64-diag
linux_enterprise_server
|
ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensitive information by rea…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4039
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280150
|
- |
|
suse
ppc64-diag_project
redhat
|
linux_enterprise_server
ppc64-diag
enterprise_linux_server
|
ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/…
|
CWE-59
Link Following
|
CVE-2014-4038
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
