|
280101
|
7.8 |
HIGH
Local
|
sddm_project
fedoraproject
|
sddm
fedora
|
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm" without authentication.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2014-7271
|
2024-11-21 11:16 |
2018-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280102
|
6.5 |
MEDIUM
Network
|
teamspeak
|
teamspeak3
|
Buffer overflow in TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (application crash) by connecting to a channel with a different client instance, …
|
CWE-20
Improper Input Validation
|
CVE-2014-7222
|
2024-11-21 11:16 |
2018-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280103
|
6.5 |
MEDIUM
Network
|
teamspeak
|
teamspeak3
|
TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (buffer overflow and application crash) by connecting to a channel with a different client instance,…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-7221
|
2024-11-21 11:16 |
2018-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280104
|
5.9 |
MEDIUM
Network
|
ms-ins
|
sumaho
sumaho_driving_capability_diagnosis
|
The SumaHo application 3.0.0 and earlier for Android and the SumaHo "driving capability" diagnosis result transmission application 1.2.2 and earlier for Android allow man-in-the-middle attackers to s…
|
CWE-295
Improper Certificate Validation
|
CVE-2014-7242
|
2024-11-21 11:16 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280105
|
6.1 |
MEDIUM
Network
|
formget
|
easy_contact_form_solution
|
Cross-site scripting (XSS) vulnerability in the Easy Contact Form Solution plugin before 1.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the value parameter in a …
|
CWE-79
Cross-site Scripting
|
CVE-2014-7240
|
2024-11-21 11:16 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280106
|
9.8 |
CRITICAL
Network
|
kankunit
|
konke_smart_plug_firmware
|
The Konke Smart Plug K does not require authentication for TELNET sessions, which allows remote attackers to obtain "equipment management authority" via TCP traffic to port 23.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7279
|
2024-11-21 11:16 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280107
|
6.1 |
MEDIUM
Network
|
nex-forms_lite_project
|
nex-forms_lite
|
Multiple cross-site scripting (XSS) vulnerabilities in the NEX-Forms Lite plugin 2.1.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the form_fields parameter in a (…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7151
|
2024-11-21 11:16 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280108
|
- |
|
yahoo
|
messenger
|
Multiple stack-based buffer overflows in Yahoo! Messenger 11.5.0.228 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) shortcut o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-7216
|
2024-11-21 11:16 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280109
|
- |
|
gehealthcare
|
precision_thunis-800\+
|
GE Healthcare Precision THUNIS-800+ has a default password of (1) 1973 for the factory default System Utilities menu, (2) TH8740 for installation using TH8740_122_Setup.exe, (3) hrml for "Setup and A…
|
CWE-255
Credentials Management
|
CVE-2014-7233
|
2024-11-21 11:16 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280110
|
- |
|
gehealthcare
|
discovery_xr656_g2
discovery_xr656
|
GE Healthcare Discovery XR656 and XR656 G2 has a password of (1) 2getin for the insite user, (2) 4$xray for the xruser user, and (3) #superxr for the root user, which has unspecified impact and attac…
|
CWE-255
Credentials Management
|
CVE-2014-7232
|
2024-11-21 11:16 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
