|
279221
|
- |
|
gogits
|
gogs
|
Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1) ap…
|
CWE-89
SQL Injection
|
CVE-2014-8682
|
2024-11-21 11:19 |
2014-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279222
|
- |
|
gogits
|
gogs
|
SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL c…
|
CWE-89
SQL Injection
|
CVE-2014-8681
|
2024-11-21 11:19 |
2014-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279223
|
- |
|
simple_email_form_project
|
simple_email_form
|
Cross-site scripting (XSS) vulnerability in Simple Email Form 1.8.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the mod_simpleemailform_field2_1 parameter to index.…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8539
|
2024-11-21 11:19 |
2014-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279224
|
- |
|
moxi9
|
phpfox
|
Cross-site scripting (XSS) vulnerability in Guests/Boots in AdminCP in Moxi9 PHPFox before 4 Beta allows remote attackers to inject arbitrary web script or HTML via the User-Agent header.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8469
|
2024-11-21 11:19 |
2014-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279225
|
- |
|
advantech
|
webaccess
|
Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8388
|
2024-11-21 11:19 |
2014-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279226
|
- |
|
redhat
|
tcpdump
|
tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Dist…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8769
|
2024-11-21 11:19 |
2014-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279227
|
- |
|
opensuse
canonical
oracle
redhat
|
opensuse
ubuntu_linux
solaris
tcpdump
|
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2014-8768
|
2024-11-21 11:19 |
2014-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279228
|
- |
|
redhat
|
tcpdump
|
Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR f…
|
CWE-189
Numeric Errors
|
CVE-2014-8767
|
2024-11-21 11:19 |
2014-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279229
|
- |
|
zte
|
zxhn_h108l_firmware
|
ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote attackers to modify the CWMP configuration via a crafted request to Forms/access_cwmp_1.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8493
|
2024-11-21 11:19 |
2014-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279230
|
- |
|
advantech
|
eki-6340_firmware
eki-6340
|
cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi.
|
CWE-78
OS Command
|
CVE-2014-8387
|
2024-11-21 11:19 |
2014-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
