|
280581
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud Server before 6.0.3 allow remote attackers to hijack the authentication of users for requests that (1) conduct cross-site script…
|
CWE-352
Origin Validation Error
|
CVE-2014-3836
|
2024-11-21 11:08 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280582
|
- |
|
owncloud
|
owncloud
|
ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not check permissions to the files_external application, which allows remote authenticated users to add external storage via unspecified vect…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3835
|
2024-11-21 11:08 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280583
|
- |
|
owncloud
|
owncloud
|
ownCloud Server before 6.0.3 does not properly check permissions, which allows remote authenticated users to (1) access the contacts of other users via the address book or (2) rename files via unspec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3834
|
2024-11-21 11:08 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280584
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Gallery and (2) core components in ownCloud Server before 5.016 and 6.0.x before 6.0.3 allow remote attackers to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3833
|
2024-11-21 11:08 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280585
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in the Documents component in ownCloud Server 6.0.x before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3832
|
2024-11-21 11:08 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280586
|
- |
|
lucidcrew
|
pixie
|
Multiple cross-site scripting (XSS) vulnerabilities in the contact module (admin/modules/contact.php) in Pixie CMS 1.04 allow remote attackers to inject arbitrary web script or HTML via the (1) uemai…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3786
|
2024-11-21 11:08 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280587
|
- |
|
gnu
|
gnutls
|
Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (me…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3466
|
2024-11-21 11:08 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280588
|
- |
|
vmware
|
vcenter_server_appliance
|
Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows remote authenticated users to execute arbitrary commands as root by escaping from a chroot jail.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3790
|
2024-11-21 11:08 |
2014-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280589
|
- |
|
vmware
|
player
esxi
fusion
workstation
|
VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows gue…
|
NVD-CWE-Other
|
CVE-2014-3793
|
2024-11-21 11:08 |
2014-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280590
|
- |
|
citrix
|
vdi-in-a-box
|
Unspecified vulnerability in Citrix VDI-In-A-Box 5.3.x before 5.3.8 and 5.4.x before 5.4.4 allows remote attackers to bypass authentication via unspecified vectors, related to a Java servlet.
|
CWE-287
Improper Authentication
|
CVE-2014-3780
|
2024-11-21 11:08 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
