|
278841
|
- |
|
alfresco
|
community_edition
|
Server-side request forgery (SSRF) vulnerability in the cmisbrowser servlet in Content Management Interoperability Service (CMIS) in Alfresco Community Edition 5.0.a and earlier allows remote attacke…
|
NVD-CWE-Other
|
CVE-2014-9302
|
2024-11-21 11:20 |
2014-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278842
|
- |
|
alfresco
|
alfresco
|
Server-side request forgery (SSRF) vulnerability in the proxy servlet in Alfresco Community Edition before 5.0.a allows remote attackers to trigger outbound requests to intranet servers, conduct port…
|
NVD-CWE-Other
|
CVE-2014-9301
|
2024-11-21 11:20 |
2014-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278843
|
- |
|
alfresco
|
alfresco
|
Cross-site request forgery (CSRF) vulnerability in the cmisbrowser servlet in Content Management Interoperability Service (CMIS) in Alfresco Community Edition before 5.0.a allows remote attackers to …
|
CWE-352
Origin Validation Error
|
CVE-2014-9300
|
2024-11-21 11:20 |
2014-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278844
|
- |
|
mantisbt
|
mantisbt
|
MantisBT before 1.2.18 uses the public_key parameter value as the key to the CAPTCHA answer, which allows remote attackers to bypass the CAPTCHA protection mechanism by leveraging knowledge of a CAPT…
|
CWE-284
Improper Access Control
|
CVE-2014-9117
|
2024-11-21 11:20 |
2014-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278845
|
- |
|
openbsd
|
openssh
|
The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in th…
|
CWE-287
Improper Authentication
|
CVE-2014-9278
|
2024-11-21 11:20 |
2014-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278846
|
- |
|
jrss_widget_project
|
jrss_widget
|
Server-side request forgery (SSRF) vulnerability in proxy.php in the jRSS Widget plugin 1.2 and earlier for WordPress allows remote attackers to trigger outbound requests and enumerate open ports via…
|
NVD-CWE-Other
|
CVE-2014-9292
|
2024-11-21 11:20 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278847
|
- |
|
redhat
|
tcpdump
|
Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9140
|
2024-11-21 11:20 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278848
|
- |
|
debian
fedoraproject
lsyncd_project
|
debian_linux
fedora
lsyncd
|
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename.
|
CWE-77
Command Injection
|
CVE-2014-8990
|
2024-11-21 11:20 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278849
|
- |
|
pbboard
|
pbboard
|
SQL injection vulnerability in the CheckEmail function in includes/functions.class.php in PBBoard 3.0.1 before 20141128 allows remote attackers to execute arbitrary SQL commands via the email paramet…
|
CWE-89
SQL Injection
|
CVE-2014-9215
|
2024-11-21 11:20 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278850
|
- |
|
altitude
|
altitude_unified_customer_interaction
|
Multiple cross-site scripting (XSS) vulnerabilities in Altitude uAgent in Altitude uCI (Unified Customer Interaction) 7.5 allow remote attackers to inject arbitrary web script or HTML via (1) an emai…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9212
|
2024-11-21 11:20 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
