|
282141
|
- |
|
schneider-electric
|
vampset
|
Multiple stack-based buffer overflows in Schneider Electric VAMPSET 2.2.136 and earlier allow local users to cause a denial of service (application halt) via a malformed (1) setting file or (2) distu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5407
|
2024-11-21 11:11 |
2014-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282142
|
- |
|
blackcat-cms
|
blackcat_cms
|
Cross-site scripting (XSS) vulnerability in cattranslate.php in the CatTranslate JQuery plugin in BlackCat CMS 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5259
|
2024-11-21 11:11 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282143
|
- |
|
sos
|
jobscheduler
|
Directory traversal vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote authenticated users with the info permission …
|
CWE-22
Path Traversal
|
CVE-2014-5393
|
2024-11-21 11:11 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282144
|
- |
|
sos
|
jobscheduler
|
Cross-site scripting (XSS) vulnerability in the JobScheduler Operations Center (JOC) in SOS JobScheduler before 1.6.4246 and 1.7.x before 1.7.4241 allows remote attackers to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5391
|
2024-11-21 11:11 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282145
|
- |
|
avolvesoftware
|
projectdox
|
Cross-site scripting (XSS) vulnerability in Avolve Software ProjectDox 8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-5129
|
2024-11-21 11:11 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282146
|
- |
|
cacheguard
|
cacheguardos
|
Cross-site request forgery (CSRF) vulnerability in gui/password-wadmin.apl in CacheGuard OS 5.7.7 allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2014-4865
|
2024-11-21 11:11 |
2014-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282147
|
- |
|
sixapart
|
movabletype
|
Cross-site scripting (XSS) vulnerability in the management page in Six Apart Movable Type before 5.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-5313
|
2024-11-21 11:11 |
2014-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282148
|
- |
|
netgear
|
prosafe_firmware
|
The NETGEAR ProSafe Plus Configuration Utility creates configuration backup files containing cleartext passwords, which might allow remote attackers to obtain sensitive information by reading a file.
|
CWE-255
Credentials Management
|
CVE-2014-4864
|
2024-11-21 11:11 |
2014-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282149
|
- |
|
enigmail
|
enigmail
|
Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the n…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5369
|
2024-11-21 11:11 |
2014-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282150
|
- |
|
nodejs
|
nodejs
|
Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5256
|
2024-11-21 11:11 |
2014-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
