|
280271
|
9.8 |
CRITICAL
Network
|
redhat
|
jboss_enterprise_web_server
edeploy
|
eDeploy through at least 2014-10-14 has remote code execution due to eval() of untrusted data
|
CWE-74
Injection
|
CVE-2014-3700
|
2024-11-21 11:08 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280272
|
4.3 |
MEDIUM
Network
|
redhat
|
keycloak
jboss_enterprise_web_server
|
JBoss KeyCloak is vulnerable to soft token deletion via CSRF
|
CWE-352
Origin Validation Error
|
CVE-2014-3655
|
2024-11-21 11:08 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280273
|
6.1 |
MEDIUM
Network
|
redhat
|
openshift_origin
|
OpenShift Origin: Improperly validated team names could allow stored XSS attacks
|
CWE-79
Cross-site Scripting
|
CVE-2014-3592
|
2024-11-21 11:08 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280274
|
6.5 |
MEDIUM
Network
|
redhat
|
hornetq
|
HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy
|
CWE-611
XXE
|
CVE-2014-3599
|
2024-11-21 11:08 |
2019-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280275
|
6.1 |
MEDIUM
Network
|
redhat
|
jboss_aerogear
|
JBoss AeroGear has reflected XSS via the password field
|
CWE-79
Cross-site Scripting
|
CVE-2014-3649
|
2024-11-21 11:08 |
2019-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280276
|
6.5 |
MEDIUM
Adjacent
|
citrix
|
xenserver
|
The Windows Guest Tools in Citrix XenServer 6.2 SP1 and earlier allows remote attackers to cause a denial of service (guest OS crash) via a crafted Ethernet frame.
|
CWE-20
Improper Input Validation
|
CVE-2014-3798
|
2024-11-21 11:08 |
2019-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280277
|
5.9 |
MEDIUM
Network
|
shibboleth
|
identity_provider
opensaml_java
|
The (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) before 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain …
|
CWE-297
Improper Validation of Certificate with Host Mismatch
|
CVE-2014-3603
|
2024-11-21 11:08 |
2019-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280278
|
9.8 |
CRITICAL
Network
|
rope_project
|
rope
|
base/oi/doa.py in the Rope library in CPython (aka Python) allows remote attackers to execute arbitrary code by leveraging an unsafe call to pickle.load.
|
NVD-CWE-noinfo
|
CVE-2014-3539
|
2024-11-21 11:08 |
2018-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280279
|
9.8 |
CRITICAL
Network
|
juniper
|
junos_space
|
The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote attackers to obtain sensitive information and consequently o…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2014-3413
|
2024-11-21 11:08 |
2018-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280280
|
7.5 |
HIGH
Network
|
grails
|
resources
|
The Grails Resource Plugin often has to exchange URIs for resources with other internal components. Those other components will decode any URI passed to them. To protect against directory traversal t…
|
CWE-22
Path Traversal
|
CVE-2014-3626
|
2024-11-21 11:08 |
2018-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
