|
285121
|
- |
|
oracle
|
openjdk
|
The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not secu…
|
CWE-59
Link Following
|
CVE-2014-1876
|
2024-11-21 11:05 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285122
|
- |
|
visibility_software
|
cyber_recruiter
|
The user login page in Visibility Software Cyber Recruiter before 8.1.00 generates different responses for invalid password-retrieval attempts depending on which data elements are incorrect, which mi…
|
CWE-200
Information Exposure
|
CVE-2014-1931
|
2024-11-21 11:05 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285123
|
- |
|
visibility_software
|
cyber_recruiter
|
Visibility Software Cyber Recruiter before 8.1.00 does not use the appropriate combination of HTTPS transport and response headers to prevent access to (1) AppSelfService.aspx and (2) AgencyPortal.as…
|
CWE-200
Information Exposure
|
CVE-2014-1930
|
2024-11-21 11:05 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285124
|
- |
|
light_speed_gaming
|
mumble
mumblekit
|
The (1) opus_packet_get_nb_frames and (2) opus_packet_get_samples_per_frame functions in the client in MumbleKit before commit fd190328a9b24d37382b269a5674b0c0c7a7e36d and Mumble for iOS 1.1 through …
|
CWE-399
Resource Management Errors
|
CVE-2014-1916
|
2024-11-21 11:05 |
2014-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285125
|
- |
|
zeroclipboard_project
redhat
|
zeroclipboard
openshift
|
Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web …
|
CWE-79
Cross-site Scripting
|
CVE-2014-1869
|
2024-11-21 11:05 |
2014-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285126
|
- |
|
doug_poulin
|
command_school_student_management_system
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to hijack the authentication of (1) administrators for requests t…
|
CWE-352
Origin Validation Error
|
CVE-2014-1915
|
2024-11-21 11:05 |
2014-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285127
|
- |
|
doug_poulin
|
command_school_student_management_system
|
Multiple cross-site scripting (XSS) vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to inject arbitrary web script or HTML via the (1) topic parameter to sw…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1914
|
2024-11-21 11:05 |
2014-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285128
|
- |
|
opera
|
opera_browser
|
Opera before 19 on Mac OS X allows user-assisted remote attackers to spoof the address bar via vectors involving a drag-and-drop operation.
|
NVD-CWE-noinfo
|
CVE-2014-1870
|
2024-11-21 11:05 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285129
|
- |
|
devscripts_devel_team
|
devscripts
|
Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar file, related to a symlink.
|
CWE-22
Path Traversal
|
CVE-2014-1833
|
2024-11-21 11:05 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285130
|
- |
|
stackideas
|
komento
|
Cross-site scripting (XSS) vulnerability in the StackIdeas Komento (com_komento) component before 1.7.4 for Joomla! allows remote attackers to inject arbitrary web script or HTML via vectors related …
|
CWE-79
Cross-site Scripting
|
CVE-2014-1837
|
2024-11-21 11:05 |
2014-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
