|
280951
|
- |
|
gnu
debian
|
glibc
debian_linux
|
Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code …
|
CWE-189
Numeric Errors
|
CVE-2014-5119
|
2024-11-21 11:11 |
2014-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280952
|
- |
|
vmturbo
|
operations_manager
|
vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands via shell metacharacters in the fileDate parameter in a DOWN call.
|
NVD-CWE-Other
|
CVE-2014-5073
|
2024-11-21 11:11 |
2014-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280953
|
- |
|
wordpress_mobile_pack_project
wpmobilepack
|
wordpress_mobile_pack
|
The WordPress Mobile Pack plugin before 2.0.2 for WordPress does not properly restrict access to password protected posts, which allows remote attackers to obtain sensitive information via an exporta…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5337
|
2024-11-21 11:11 |
2014-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280954
|
- |
|
iii
|
encore_discovery_solution
|
Innovative Interfaces Encore Discovery Solution 4.3 places a session token in the URI, which might allow remote attackers to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2014-5128
|
2024-11-21 11:11 |
2014-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280955
|
- |
|
iii
|
encore_discovery_solution
|
Open redirect vulnerability in Innovative Interfaces Encore Discovery Solution 4.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspec…
|
NVD-CWE-Other
|
CVE-2014-5127
|
2024-11-21 11:11 |
2014-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280956
|
- |
|
zohocorp
|
manageengine_eventlog_analyzer
|
Multiple cross-site scripting (XSS) vulnerabilities in event/index2.do in ManageEngine EventLog Analyzer before 9.0 build 9002 allow remote attackers to inject arbitrary web script or HTML via the (1…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4930
|
2024-11-21 11:11 |
2014-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280957
|
- |
|
invensys
|
wonderware_information_server
|
SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-5399
|
2024-11-21 11:11 |
2014-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280958
|
- |
|
invensys
|
wonderware_information_server
|
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML external entity declaration i…
|
CWE-20
Improper Input Validation
|
CVE-2014-5398
|
2024-11-21 11:11 |
2014-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280959
|
- |
|
invensys
|
wonderware_information_server
|
Cross-site scripting (XSS) vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to inject arbitrary web script or HTML via unspec…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5397
|
2024-11-21 11:11 |
2014-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280960
|
- |
|
monkey-project
|
monkey
|
Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error messages are set, allows remote attackers to cause a denial of service (file descriptor consumption) …
|
CWE-20
Improper Input Validation
|
CVE-2014-5336
|
2024-11-21 11:11 |
2014-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
