|
278771
|
- |
|
mantisbt
|
mantisbt
|
Cross-site scripting (XSS) vulnerability in the projax_array_serialize_for_autocomplete function in core/projax_api.php in MantisBT 1.1.0a3 through 1.2.17 allows remote attackers to inject arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9270
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278772
|
- |
|
autodesk
|
design_review
|
The AdView.AdViewer.1 ActiveX control in Autodesk Design Review (ADR) before 2013 Hotfix 1 allows remote attackers to execute arbitrary code via a crafted DWF file.
|
CWE-20
Improper Input Validation
|
CVE-2014-9268
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278773
|
- |
|
ptc
|
isoview
|
Heap-based buffer overflow in the PTC IsoView ActiveX control allows remote attackers to execute arbitrary code via a crafted ViewPort property value.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9267
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278774
|
- |
|
samsung
|
smart_viewer
|
The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2014-9266
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278775
|
- |
|
samsung
|
smartviewer
|
Stack-based buffer overflow in the BackupToAvi method in the CNC_Ctrl ActiveX control in Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9265
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278776
|
- |
|
3s_pocketnet_tech
|
3s_pocketnet_tech_video_management_software
|
Multiple buffer overflows in the PocketNetNVRMediaClientAxCtrl.NVRMediaViewer.1 control in 3S Pocketnet Tech VMS allow remote attackers to execute arbitrary code via a crafted string to the (1) Start…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9263
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278777
|
- |
|
pyyaml
|
libyaml
|
scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vect…
|
CWE-20
Improper Input Validation
|
CVE-2014-9130
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278778
|
- |
|
jasper_project
|
jasper
|
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via…
|
CWE-189
Numeric Errors
|
CVE-2014-9029
|
2024-11-21 11:20 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278779
|
- |
|
f5
|
big-ip
|
Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php) feature in Application Security Manager (ASM) in F5 BIG-IP 11.3.0 allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9342
|
2024-11-21 11:20 |
2014-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278780
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9219
|
2024-11-21 11:20 |
2014-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
