|
279051
|
- |
|
ibm
|
content_navigator
|
Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.0 and 2.0.1 before 2.0.1.2 FP002 IF003 and 2.0.3 before 2.0.3.2 FP002 allows remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8911
|
2024-11-21 11:19 |
2015-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279052
|
- |
|
ibm
|
websphere_portal
|
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF29, 8.0.0.x before 8.0.0.1 CF15, and 8.5.0 befor…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8909
|
2024-11-21 11:19 |
2015-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279053
|
- |
|
cloudera
|
cloudera_manager
|
Cloudera Manager 5.2.0, 5.2.1, and 5.3.0 stores the LDAP bind password in plaintext in unspecified world-readable files under /etc/hadoop, which allows local users to obtain this password.
|
CWE-200
Information Exposure
|
CVE-2014-8733
|
2024-11-21 11:19 |
2015-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279054
|
- |
|
pexip
|
pexip_infinity
|
Pexip Infinity before 8 uses the same SSH host keys across different customers' installations, which allows man-in-the-middle attackers to spoof Management and Conferencing Nodes by leveraging these …
|
CWE-254
7PK - Security Features
|
CVE-2014-8779
|
2024-11-21 11:19 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279055
|
- |
|
freebsd
|
freebsd
|
The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a cr…
|
NVD-CWE-Other
|
CVE-2014-8613
|
2024-11-21 11:19 |
2015-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279056
|
- |
|
freebsd
|
freebsd
|
Multiple array index errors in the Stream Control Transmission Protocol (SCTP) module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to (1) gain privi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8612
|
2024-11-21 11:19 |
2015-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279057
|
- |
|
ibm
|
security_appscan
|
IBM Security AppScan Standard 8.x and 9.x before 9.0.1.1 FP1 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensiti…
|
CWE-310
Cryptographic Issues
|
CVE-2014-8918
|
2024-11-21 11:19 |
2015-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279058
|
- |
|
mozilla
fedoraproject
|
bugzilla
fedora
|
Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcompon…
|
CWE-77
Command Injection
|
CVE-2014-8630
|
2024-11-21 11:19 |
2015-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279059
|
- |
|
apple
|
iphone_os
|
The iTunes Store component in Apple iOS before 8.1.3 allows remote attackers to bypass a Safari sandbox protection mechanism by leveraging redirection of an SSL URL to the iTunes Store.
|
CWE-310
Cryptographic Issues
|
CVE-2014-8840
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279060
|
- |
|
apple
|
mac_os_x
|
Spotlight in Apple OS X before 10.10.2 does not enforce the Mail "Load remote content in messages" configuration, which allows remote attackers to discover recipient IP addresses by including an inli…
|
CWE-200
Information Exposure
|
CVE-2014-8839
|
2024-11-21 11:19 |
2015-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
