|
280841
|
- |
|
kriesi
|
enfold
|
Unspecified vulnerability in the folder framework in the Enfold theme before 3.0.1 for WordPress has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2014-7297
|
2024-11-21 11:16 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280842
|
- |
|
linux
|
linux_kernel
|
The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initial…
|
CWE-200
Information Exposure
|
CVE-2014-7284
|
2024-11-21 11:16 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280843
|
- |
|
linux
redhat
|
linux_kernel
mrg_realtime
|
The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a …
|
CWE-399
Resource Management Errors
|
CVE-2014-7283
|
2024-11-21 11:16 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280844
|
- |
|
kevin_renskers
|
dmmjobcontrol
|
Multiple SQL injection vulnerabilities in the search function in pi1/class.tx_dmmjobcontrol_pi1.php in the JobControl (dmmjobcontrol) extension 2.14.0 and earlier for TYPO3 allow remote attackers to …
|
CWE-89
SQL Injection
|
CVE-2014-7201
|
2024-11-21 11:16 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280845
|
- |
|
kevin_renskers
|
dmmjobcontrol
|
Cross-site scripting (XSS) vulnerability in pi1/class.tx_dmmjobcontrol_pi1.php in the JobControl (dmmjobcontrol) extension 2.14.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7200
|
2024-11-21 11:16 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280846
|
- |
|
cfdbplugin
|
contact_form_db
|
Multiple cross-site scripting (XSS) vulnerabilities in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin before 2.8.16 for WordPress allow remote attackers to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7139
|
2024-11-21 11:16 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280847
|
- |
|
rejetto
|
http_file_server
|
The file comment feature in Rejetto HTTP File Server (hfs) 2.3c and earlier allows remote attackers to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are in…
|
CWE-94
Code Injection
|
CVE-2014-7226
|
2024-11-21 11:16 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280848
|
- |
|
oceanavenue
|
ocean_avenue_mobile_pro
|
The Ocean Avenue Mobile Pro (aka com.oceanavenue.mobile) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7047
|
2024-11-21 11:16 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280849
|
- |
|
george_wassouf_project
|
george_wassouf
|
The George Wassouf (aka com.devkhr32.georgewassouf) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obta…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7046
|
2024-11-21 11:16 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280850
|
- |
|
eng
|
spagobi
|
The default configuration in the accessibility engine in SpagoBI 5.0.0 does not set FEATURE_SECURE_PROCESSING, which allows remote authenticated users to execute arbitrary Java code via a crafted XSL…
|
CWE-94
Code Injection
|
CVE-2014-7296
|
2024-11-21 11:16 |
2014-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
