|
279231
|
- |
|
debian
xen
opensuse
|
debian_linux
xen
opensuse
|
arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a craf…
|
CWE-17
Code
|
CVE-2014-8595
|
2024-11-21 11:19 |
2014-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279232
|
- |
|
opensuse
debian
xen
|
opensuse
debian_linux
xen
|
The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointe…
|
CWE-20
Improper Input Validation
|
CVE-2014-8594
|
2024-11-21 11:19 |
2014-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279233
|
- |
|
pandorafms
|
pandora_flexible_monitoring_system
|
Cross-site scripting (XSS) vulnerability in the Page visualization agents in Pandora FMS 5.1 SP1 and earlier allows remote attackers to inject arbitrary web script or HTML via the refr parameter to i…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8629
|
2024-11-21 11:19 |
2014-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279234
|
- |
|
mantisbt
|
mantisbt
|
The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to (1) upload arbitrary XML files via the import page or (2) obtain sensitive information via th…
|
CWE-19
Data Processing Errors
|
CVE-2014-8598
|
2024-11-21 11:19 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279235
|
- |
|
freebsd
|
freebsd
|
FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos support, uses incorrect library ordering when linking sshd, which causes symbols to be resolved incorrectly and allows remote attacker…
|
CWE-17
Code
|
CVE-2014-8475
|
2024-11-21 11:19 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279236
|
- |
|
codecanyon
|
phpsound
|
Multiple cross-site scripting (XSS) vulnerabilities in phpSound 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Title or (2) Description fields in a playlist or the (3…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8954
|
2024-11-21 11:19 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279237
|
- |
|
phpscriptlerim
|
php_scriptlerim_who\'s_who
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Php Scriptlerim Who's Who script allow remote attackers to hijack the authentication of administrators or requests that (1) add an admin …
|
CWE-352
Origin Validation Error
|
CVE-2014-8953
|
2024-11-21 11:19 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279238
|
- |
|
phpmemcachedadmin_project
|
phpmemcachedadmin
|
Cross-site scripting (XSS) vulnerability in phpMemcachedAdmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8732
|
2024-11-21 11:19 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279239
|
- |
|
f5
|
big-ip_local_traffic_manager
|
Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the "Resource Administrator" or "Administrator" role to enumerate and delete arbitrary files via a .. (d…
|
CWE-22
Path Traversal
|
CVE-2014-8727
|
2024-11-21 11:19 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279240
|
- |
|
php-fusion
|
php-fusion
|
Multiple SQL injection vulnerabilities in PHP-Fusion 7.02.07 allow remote authenticated users to execute arbitrary SQL commands via the (1) submit_id parameter in a 2 action to files/administration/s…
|
CWE-89
SQL Injection
|
CVE-2014-8596
|
2024-11-21 11:19 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
