| 281101 | - | paperthin | commonspot_content_server | PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not check authorization in unspecified situations, which allows remote authenticated users to perform actions via unknown vectors. | CWE-264: Permissions, Privileges, and Access Controls | CVE-2014-2862 | 2024-11-21 11:07 | 2014-04-16 |
| 281102 | - | paperthin | commonspot_content_server | Incomplete blacklist vulnerability in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string, as demonstrate… | NVD-CWE-Other | CVE-2014-2861 | 2024-11-21 11:07 | 2014-04-16 |
| 281103 | - | paperthin | commonspot_content_server | Multiple cross-site scripting (XSS) vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to inject arbitrary web script or HTML via a crafted HTTP request … | CWE-79: Cross-site Scripting | CVE-2014-2860 | 2024-11-21 11:07 | 2014-04-16 |
| 281104 | - | paperthin | commonspot_content_server | PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to bypass intended access restrictions via a direct request. | CWE-264: Permissions, Privileges, and Access Controls | CVE-2014-2859 | 2024-11-21 11:07 | 2014-04-16 |
| 281105 | - | juniper | screenos | Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service (crash and restart or failover) via a malformed SSL/TLS packet. | CWE-399: Resource Management Errors | CVE-2014-2842 | 2024-11-21 11:07 | 2014-04-15 |
| 281106 | - | openstack | keystone | The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service (CPU consumption) via a large number of the sa… | CWE-287: Improper Authentication | CVE-2014-2828 | 2024-11-21 11:07 | 2014-04-15 |
| 281107 | - | linux debian | linux_kernel debian_linux | Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gai… | CWE-416: Use After Free | CVE-2014-2851 | 2024-11-21 11:07 | 2014-04-15 |
| 281108 | - | openafs | openafs | OpenAFS before 1.6.7 delays the listen thread when an RXS_CheckResponse fails, which allows remote attackers to cause a denial of service (performance degradation) via an invalid packet. | CWE-20: Improper Input Validation | CVE-2014-2852 | 2024-11-21 11:07 | 2014-04-15 |
| 281109 | - | sophos | web_appliance_firmware web_appliance | The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address paramet… | CWE-78: OS Command | CVE-2014-2850 | 2024-11-21 11:07 | 2014-04-12 |
| 281110 | - | sophos | web_appliance_firmware web_appliance | The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request. | CWE-264: Permissions, Privileges, and Access Controls | CVE-2014-2849 | 2024-11-21 11:07 | 2014-04-12 |