|
281021
|
- |
|
isc
|
bind
|
The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a…
|
CWE-20
Improper Input Validation
|
CVE-2014-3214
|
2024-11-21 11:07 |
2014-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281022
|
- |
|
semantictitle_project
|
semantictitle
|
Cross-site scripting (XSS) vulnerability in the SemanticTitle extension before 1.1.0 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2854
|
2024-11-21 11:07 |
2014-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281023
|
- |
|
sks_keyserver_project
|
sks_keyserver
|
Cross-site scripting (XSS) vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to pks/lookup/undefined1.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3207
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281024
|
- |
|
wpgetready
|
nextcellent_gallery
|
Cross-site scripting (XSS) vulnerability in admin/manage-images.php in the NextCellent Gallery plugin before 1.19.18 for WordPress allows remote authenticated users with the NextGEN Upload images, Ne…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3123
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281025
|
- |
|
fortinet
|
fortiweb
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Fortinet FortiWeb before 5.2.0 allow remote attackers to hijack the authentication of administrators vi…
|
CWE-352
Origin Validation Error
|
CVE-2014-3115
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281026
|
- |
|
selinuxproject
|
policycoreutils
|
seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3215
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281027
|
- |
|
caldera
|
caldera
|
The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via (1) the maindir_hotfolder parameter to dirmng/index.php, or an unspecified …
|
CWE-94
Code Injection
|
CVE-2014-2936
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281028
|
- |
|
caldera
|
caldera
|
costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request.
|
CWE-78
OS Command
|
CVE-2014-2935
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281029
|
- |
|
caldera
|
caldera
|
Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php.
|
CWE-89
SQL Injection
|
CVE-2014-2934
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281030
|
- |
|
caldera
|
caldera
|
Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname.
|
CWE-22
Path Traversal
|
CVE-2014-2933
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
