|
281091
|
- |
|
netgear
acme
dlink
|
wgr614
micro_httpd
mr-adsl-dg834
dsl2750u
dsl2740u
|
Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long strin…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4927
|
2024-11-21 11:11 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281092
|
- |
|
x
|
xf86-video-intel
|
Directory traversal vulnerability in tools/backlight_helper.c in X.Org xf86-video-intel 2.99.911 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the interface nam…
|
CWE-22
Path Traversal
|
CVE-2014-4910
|
2024-11-21 11:11 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281093
|
- |
|
tenable
|
nessus
web_ui
|
The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows remote attackers to obtain sensitive information via the token parameter.
|
CWE-200
Information Exposure
|
CVE-2014-4980
|
2024-11-21 11:11 |
2014-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281094
|
- |
|
citrix
|
xenserver
|
Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk (V…
|
NVD-CWE-noinfo
|
CVE-2014-4948
|
2024-11-21 11:11 |
2014-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281095
|
- |
|
citrix
|
xenserver
|
Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4947
|
2024-11-21 11:11 |
2014-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281096
|
- |
|
gitlist
|
gitlist
|
Repository.php in Gitter, as used in Gitlist, allows remote attackers with commit privileges to execute arbitrary commands via shell metacharacters in a branch name, as demonstrated by a "git checkou…
|
NVD-CWE-Other
|
CVE-2014-5023
|
2024-11-21 11:11 |
2014-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281097
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote attackers to inject arbitrary web script or HTML via vectors involving forms with an Ajax-enabled t…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5022
|
2024-11-21 11:11 |
2014-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281098
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7.x before 7.29 allows remote authenticated users with the "administer taxonomy" permission to inject a…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5021
|
2024-11-21 11:11 |
2014-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281099
|
- |
|
drupal
|
drupal
|
The File module in Drupal 7.x before 7.29 does not properly check permissions to view files, which allows remote authenticated users with certain permissions to bypass intended restrictions and read …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5020
|
2024-11-21 11:11 |
2014-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281100
|
- |
|
drupal
|
drupal
|
The multisite feature in Drupal 6.x before 6.32 and 7.x before 7.29 allows remote attackers to cause a denial of service via a crafted HTTP Host header, related to determining which configuration fil…
|
CWE-20
Improper Input Validation
|
CVE-2014-5019
|
2024-11-21 11:11 |
2014-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
