|
280711
|
- |
|
ubi
|
uplay_pc
|
Ubisoft Uplay PC before 4.6.1.3217 use weak permissions (Everyone: Full Control) for the program installation directory (%PROGRAMFILES%\Ubisoft Game Launcher), which allows local users to gain privil…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5453
|
2024-11-21 11:12 |
2014-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280712
|
7.5 |
HIGH
Network
|
tripodworks
|
gigapod_officehard_firmware
gigapod_2010_firmware
gigapod_3_firmware
|
GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation.
8001/tcp is served by a versio…
|
NVD-CWE-noinfo
|
CVE-2014-5329
|
2024-11-21 11:11 |
2023-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280713
|
9.8 |
CRITICAL
Network
|
redhat
|
ansible
|
Multiple argument injection vulnerabilities in Ansible before 1.6.7 allow remote attackers to execute arbitrary code by leveraging access to an Ansible managed host and providing a crafted fact, as d…
|
CWE-74
Injection
|
CVE-2014-4967
|
2024-11-21 11:11 |
2020-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280714
|
9.8 |
CRITICAL
Network
|
redhat
|
ansible
|
Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data with "{{" substrings, which allows remote attackers to execute arbitrary code …
|
CWE-74
Injection
|
CVE-2014-4966
|
2024-11-21 11:11 |
2020-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280715
|
9.8 |
CRITICAL
Network
|
xorux
|
lpar2rrd
|
LPAR2RRD in 3.5 and earlier allows remote attackers to execute arbitrary commands due to insufficient input sanitization of the web GUI parameters.
|
CWE-78
OS Command
|
CVE-2014-4981
|
2024-11-21 11:11 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280716
|
8.8 |
HIGH
Network
|
boatmob
|
boat_browser
|
The WebView class and use of the WebView.addJavascriptInterface method in the Boat Browser application 8.0 and 8.0.1 for Android allow remote attackers to execute arbitrary code via a crafted web sit…
|
NVD-CWE-noinfo
|
CVE-2014-4968
|
2024-11-21 11:11 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280717
|
8.8 |
HIGH
Network
|
sphider
sphider-plus
sphiderpro
|
sphider
sphider-plus
sphider_pro
|
A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. C…
|
CWE-74
Injection
|
CVE-2014-5086
|
2024-11-21 11:11 |
2020-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280718
|
8.8 |
HIGH
Network
|
sphider-plus
|
sphider-plus
|
A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5085 pert…
|
CWE-74
Injection
|
CVE-2014-5085
|
2024-11-21 11:11 |
2020-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280719
|
8.8 |
HIGH
Network
|
sphiderpro
|
sphider_pro
|
A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwrite, which could let a remote malicious user execute arbitrary code. CVE-2014-5084 pertains to insta…
|
CWE-74
Injection
|
CVE-2014-5084
|
2024-11-21 11:11 |
2020-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280720
|
8.8 |
HIGH
Network
|
sphider
|
sphider
|
A Command Execution vulnerability exists in Sphider before 1.3.6 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5083 …
|
CWE-74
Injection
|
CVE-2014-5083
|
2024-11-21 11:11 |
2020-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
