|
277301
|
- |
|
embedthis
|
goahead
|
EmbedThis GoAhead 3.0.0 through 3.4.1 does not properly handle path segments starting with a . (dot), which allows remote attackers to conduct directory traversal attacks, cause a denial of service (…
|
CWE-17
Code
|
CVE-2014-9707
|
2024-11-21 11:21 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277302
|
- |
|
debian
dulwich_project
|
debian_linux
dulwich
|
The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly …
|
CWE-19
Data Processing Errors
|
CVE-2014-9706
|
2024-11-21 11:21 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277303
|
- |
|
php
opensuse
libgd
debian
canonical
|
php
opensuse
libgd
debian_linux
ubuntu_linux
|
The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and applicati…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9709
|
2024-11-21 11:21 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277304
|
- |
|
php
|
php
|
Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute ar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9705
|
2024-11-21 11:21 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277305
|
- |
|
file_project
php
debian
|
file
php
debian_linux
|
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of …
|
CWE-20
Improper Input Validation
|
CVE-2014-9653
|
2024-11-21 11:21 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277306
|
- |
|
php
file_project
|
php
file
|
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain strin…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9652
|
2024-11-21 11:21 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277307
|
- |
|
websense
|
v-series_appliances
|
Websense TRITON V-Series appliances before 7.8.3 Hotfix 03 and 7.8.4 before Hotfix 01 allow remote administrators to read arbitrary files and obtain passwords via a crafted path.
|
CWE-200
Information Exposure
|
CVE-2014-9712
|
2024-11-21 11:21 |
2015-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277308
|
- |
|
websense
|
triton_web_security_gateway
triton_web_security_gateway_anywhere
triton_web_filter
triton_web_security
triton_ap_web
|
Multiple cross-site scripting (XSS) vulnerabilities in the Investigative Reports in Websense TRITON AP-WEB before 8.0.0 and Web Security and Filter, Web Security Gateway, and Web Security Gateway Any…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9711
|
2024-11-21 11:21 |
2015-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277309
|
- |
|
ecryptfs
|
ecryptfs-utils
|
eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.
|
CWE-255
Credentials Management
|
CVE-2014-9687
|
2024-11-21 11:21 |
2015-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277310
|
- |
|
solarwinds
|
orion_netflow_traffic_analyzer
orion_web_performance_monitor
orion_network_configuration_manager
orion_user_device_tracker
orion_ip_address_manager
orion_voip_\&_network_quality_ma…
|
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform 2015.1, as used in Network Performance Monitor (NPM) before 1…
|
CWE-89
SQL Injection
|
CVE-2014-9566
|
2024-11-21 11:21 |
2015-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
