|
284161
|
- |
|
dlink
|
dap_1150_firmware
dap_1150
|
Cross-site scripting (XSS) vulnerability in D-Link DAP 1150 with firmware 1.2.94 allows remote attackers to inject arbitrary web script or HTML via the res_buf parameter to index.cgi in the Control/U…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3761
|
2024-11-21 11:08 |
2014-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284162
|
- |
|
dlink
|
dap_1150_firmware
dap_1150
|
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP 1150 with firmware 1.2.94 allow remote attackers to hijack the authentication of administrators for requests that (1) enable o…
|
CWE-352
Origin Validation Error
|
CVE-2014-3760
|
2024-11-21 11:08 |
2014-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284163
|
- |
|
karlen_walter
|
si_bibtex
|
Multiple SQL injection vulnerabilities in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allow remote attackers to execute arbitrary SQL commands via vectors related to the (1) search …
|
CWE-89
SQL Injection
|
CVE-2014-3759
|
2024-11-21 11:08 |
2014-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284164
|
- |
|
karlen_walter
|
si_bibtex
|
Cross-site scripting (XSS) vulnerability in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via vectors related to the imp…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3758
|
2024-11-21 11:08 |
2014-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284165
|
- |
|
bilyoner
|
bilyoner
|
The Bilyoner application before 2.3.1 for Android and before 4.6.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain se…
|
CWE-310
Cryptographic Issues
|
CVE-2014-3750
|
2024-11-21 11:08 |
2014-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284166
|
- |
|
phpmanufaktur
|
kitform
|
SQL injection vulnerability in sorter.php in the phpManufaktur kitForm extension 0.43 and earlier for the KeepInTouch (KIT) module allows remote attackers to execute arbitrary SQL commands via the so…
|
CWE-89
SQL Injection
|
CVE-2014-3757
|
2024-11-21 11:08 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284167
|
- |
|
jetaudio
|
jetaudio
|
JetMPAd.ax in JetAudio 8.1.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3443
|
2024-11-21 11:08 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284168
|
- |
|
videolan
|
vlc_media_player
|
codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3441
|
2024-11-21 11:08 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284169
|
- |
|
dovecot
|
dovecot
|
Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consum…
|
CWE-287
Improper Authentication
|
CVE-2014-3430
|
2024-11-21 11:08 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284170
|
- |
|
gitlab
|
gitlab
|
Cross-site scripting (XSS) vulnerability in GitLab Enterprise Edition (EE) 6.6.0 before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3456
|
2024-11-21 11:08 |
2014-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
