|
279991
|
- |
|
apple
haxx
|
mac_os_x
libcurl
|
The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0, when using the DarwinSSL (aka SecureTransport) back-end for TLS, does not check if a cached TLS ses…
|
NVD-CWE-Other
|
CVE-2014-8151
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279992
|
- |
|
debian
haxx
canonical
|
debian_linux
libcurl
ubuntu_linux
|
CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v…
|
NVD-CWE-Other
|
CVE-2014-8150
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279993
|
- |
|
pods_foundation
|
pods
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Pods plugin before 2.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) cond…
|
CWE-352
Origin Validation Error
|
CVE-2014-7957
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279994
|
- |
|
podsfoundation
|
pods
|
Cross-site scripting (XSS) vulnerability in the Pods plugin before 2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter in an edit action in the pods …
|
CWE-79
Cross-site Scripting
|
CVE-2014-7956
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279995
|
- |
|
redhat
suse
|
spacewalk
satellite
manager
|
Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allows remote authenticated users to inject arbitrary web script or HTML via the System Groups f…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7812
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279996
|
- |
|
redhat
suse
|
spacewalk
network_satellite
manager
|
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted X…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7811
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279997
|
- |
|
cisco
|
webex_meetings_server
|
The outlookpa component in Cisco WebEx Meetings Server does not properly validate API input, which allows remote attackers to modify a meeting's invite list via a crafted URL, aka Bug ID CSCuj40254.
|
CWE-20
Improper Input Validation
|
CVE-2014-8036
|
2024-11-21 11:18 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279998
|
- |
|
cisco
|
webex_meetings_server
|
The web framework in Cisco WebEx Meetings Server produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enumerate user accounts…
|
CWE-200
Information Exposure
|
CVE-2014-8035
|
2024-11-21 11:18 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279999
|
- |
|
cisco
|
unified_communications_domain_manager
|
Cisco Unified Communication Domain Manager Platform Software allows remote attackers to cause a denial of service (CPU consumption, and performance degradation or service outage) via a flood of malfo…
|
CWE-399
Resource Management Errors
|
CVE-2014-8020
|
2024-11-21 11:18 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280000
|
- |
|
openssl
|
openssl
|
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-…
|
CWE-310
Cryptographic Issues
|
CVE-2014-8275
|
2024-11-21 11:18 |
2015-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
