|
280391
|
- |
|
nyu
|
opensso_integration
|
Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services (PDS) allows remote attackers to redirect users to arbitrary web sites…
|
NVD-CWE-Other
|
CVE-2014-7294
|
2024-11-21 11:16 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280392
|
- |
|
nyu
|
opensso_integration
|
Cross-site scripting (XSS) vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services (PDS) allows remote attackers to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7293
|
2024-11-21 11:16 |
2015-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280393
|
- |
|
gnome
redhat
|
gnome-shell
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
|
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to ex…
|
CWE-399
Resource Management Errors
|
CVE-2014-7300
|
2024-11-21 11:16 |
2014-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280394
|
- |
|
sideway
|
hapi_crumb
|
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive informat…
|
CWE-284
Improper Access Control
|
CVE-2014-7193
|
2024-11-21 11:16 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280395
|
- |
|
symantec
|
deployment_solution
|
Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-7286
|
2024-11-21 11:16 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280396
|
- |
|
gparted
|
gparted
|
GParted before 0.15.0 allows local users to execute arbitrary commands with root privileges via shell metacharacters in a crafted filesystem label.
|
CWE-77
Command Injection
|
CVE-2014-7208
|
2024-11-21 11:16 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280397
|
- |
|
ricksoft
|
wbs_gantt-chart
|
Cross-site scripting (XSS) vulnerability in the data-export feature in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7268
|
2024-11-21 11:16 |
2014-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280398
|
- |
|
ricksoft
|
wbs_gantt-chart
|
Cross-site scripting (XSS) vulnerability in the output-page generator in the Ricksoft WBS Gantt-Chart add-on 7.8.1 and earlier for JIRA allows remote authenticated users to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7267
|
2024-11-21 11:16 |
2014-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280399
|
- |
|
alliedtelesis
|
centrecom_ar415s_firmware
centrecom_ar415s
at-8624t\/2m_firmware
at-8624t\/2m
ar442s_firmware
ar442s
at-9924t_firmware
at-9924t
at-8848_firmware
at-8848
rapier_48i_firmw…
|
Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, Ce…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-7249
|
2024-11-21 11:16 |
2014-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280400
|
- |
|
tsutaya
|
tsutaya
|
The TSUTAYA application 5.3 and earlier for Android allows remote attackers to execute arbitrary Java methods via a crafted HTML document.
|
CWE-20
Improper Input Validation
|
CVE-2014-7241
|
2024-11-21 11:16 |
2014-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
