|
278751
|
- |
|
vmware
|
rabbitmq
|
CRLF injection vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks…
|
NVD-CWE-Other
|
CVE-2014-9650
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278752
|
- |
|
vmware
|
rabbitmq
|
Cross-site scripting (XSS) vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9649
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278753
|
- |
|
google
|
chrome
|
components/navigation_interception/intercept_navigation_resource_throttle.cc in Google Chrome before 40.0.2214.91 on Android does not properly restrict use of intent: URLs to open an application afte…
|
CWE-284
Improper Access Control
|
CVE-2014-9648
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278754
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in PDFium, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF …
|
NVD-CWE-Other
|
CVE-2014-9647
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278755
|
- |
|
google
|
chrome
|
Unquoted Windows search path vulnerability in the GoogleChromeDistribution::DoPostUninstallOperations function in installer/util/google_chrome_distribution.cc in the uninstall-survey feature in Googl…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9646
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278756
|
- |
|
mantisbt
|
mantisbt
|
SQL injection vulnerability in manage_user_page.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote administrators with FILE privileges to execute arbitrary SQL commands via the…
|
CWE-89
SQL Injection
|
CVE-2014-9573
|
2024-11-21 11:21 |
2015-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278757
|
- |
|
mantisbt
|
mantisbt
|
MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 does not properly restrict access to /*/install.php, which allows remote attackers to obtain database credentials via the install parameter with t…
|
CWE-284
Improper Access Control
|
CVE-2014-9572
|
2024-11-21 11:21 |
2015-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278758
|
- |
|
mantisbt
|
mantisbt
|
Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1) admin_…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9571
|
2024-11-21 11:21 |
2015-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278759
|
- |
|
xiph
opensuse
|
vorbis-tools
opensuse
|
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9640
|
2024-11-21 11:21 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278760
|
- |
|
xiph
fedoraproject
opensuse
|
vorbis-tools
fedora
opensuse
|
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory ac…
|
NVD-CWE-Other
|
CVE-2014-9639
|
2024-11-21 11:21 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
