|
282281
|
- |
|
microsoft
|
windows_server_2008
windows_server_2012
windows_rt
windows_8.1
windows_7
windows_rt_8.1
windows_vista
windows_8
windows_server_2003
|
XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, …
|
CWE-94
Code Injection
|
CVE-2014-4118
|
2024-11-21 11:09 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282282
|
- |
|
microsoft
|
sharepoint_foundation
|
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2010 SP2 allows remote authenticated users to inject arbitrary web script or HTML via a modified list, aka "SharePoint Elev…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4116
|
2024-11-21 11:09 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282283
|
- |
|
microsoft
|
internet_information_services
|
The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4078
|
2024-11-21 11:09 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282284
|
- |
|
microsoft
|
windows_server_2003
|
Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4076
|
2024-11-21 11:09 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282285
|
- |
|
epicor
|
epicor_enterprise
|
Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allows attackers to obtain the (1) Database Connection and (2) E-mail Connection passwords by reading HTML source code of the database connection a…
|
CWE-200
Information Exposure
|
CVE-2014-4311
|
2024-11-21 11:09 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282286
|
- |
|
f5
|
big-ip_advanced_firewall_manager
big-ip_policy_enforcement_manager
big-ip_application_security_manager
big-ip_application_acceleration_manager
enterprise_manager
big-ip_edge_gateway
Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, A…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4023
|
2024-11-21 11:09 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
282287
|
- |
|
freebsd
|
freebsd
|
routed in FreeBSD 8.4 through 10.1-RC2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RIP request from a source not on a directly connected network.
|
CWE-20
Improper Input Validation
|
CVE-2014-3955
|
2024-11-21 11:09 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282288
|
- |
|
freebsd
|
freebsd
|
Stack-based buffer overflow in rtsold in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted DNS parameters in a r…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3954
|
2024-11-21 11:09 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282289
|
- |
|
j\!extensions_store
|
jchatsocial
|
Cross-site scripting (XSS) vulnerability in the JChatSocial component before 2.3 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the filename parameter in a file upload…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3863
|
2024-11-21 11:09 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282290
|
- |
|
tomatocart
|
tomatocart
|
SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote authenticated users to execute arbitrary SQL commands via the First Name and Last Name fields in a new address book contact.
|
CWE-89
SQL Injection
|
CVE-2014-3978
|
2024-11-21 11:09 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
