|
279021
|
5.4 |
MEDIUM
Network
|
free
|
freebox_os
|
A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS item or Contacts in Freebox OS Web interface 3.0.2, which allows malicious users to execute arbitrary cod…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9405
|
2024-11-21 11:20 |
2020-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279022
|
8.6 |
HIGH
Network
|
docker
|
docker
|
Path traversal vulnerability in Docker before 1.3.3 allows remote attackers to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an (1) image or…
|
CWE-22
Path Traversal
|
CVE-2014-9356
|
2024-11-21 11:20 |
2019-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279023
|
4.3 |
MEDIUM
Network
|
wpmarketplace_project
|
wpmarketplace
|
Directory traversal vulnerability in the ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin before 2.4.1 for WordPress allows remote authenticated users to download arbitra…
|
CWE-22
Path Traversal
|
CVE-2014-9014
|
2024-11-21 11:20 |
2019-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279024
|
8.8 |
HIGH
Network
|
wpmarketplace_project
|
wpmarketplace
|
The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin 2.4.0 for WordPress allows remote authenticated users to create arbitrary users and gain admin privileges via a reque…
|
CWE-20
Improper Input Validation
|
CVE-2014-9013
|
2024-11-21 11:20 |
2019-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279025
|
9.8 |
CRITICAL
Network
|
honeywell
|
experion_process_knowledge_system
|
A file inclusion vulnerability exists in the confd.exe module in Honeywell Experion PKS R40x before R400.6, R41x before R410.6, and R43x before R430.2, which could lead to accepting an arbitrary file…
|
CWE-20
Improper Input Validation
|
CVE-2014-9186
|
2024-11-21 11:20 |
2019-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279026
|
9.8 |
CRITICAL
Network
|
honeywell
|
experion_process_knowledge_system
|
Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that cou…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9189
|
2024-11-21 11:20 |
2019-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279027
|
9.8 |
CRITICAL
Network
|
honeywell
|
experion_process_knowledge_system
|
Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could l…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9187
|
2024-11-21 11:20 |
2019-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279028
|
7.5 |
HIGH
Network
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8985
|
2024-11-21 11:20 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279029
|
6.5 |
MEDIUM
Network
|
libdwarf_project
|
libdwarf
|
Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file.
|
CWE-416
Use After Free
|
CVE-2014-9482
|
2024-11-21 11:20 |
2018-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279030
|
8.8 |
HIGH
Network
|
dasanzhone
|
znid_2426a_firmware
|
The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd.
|
CWE-77
Command Injection
|
CVE-2014-9118
|
2024-11-21 11:20 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
