|
285701
|
- |
|
linux
|
linux_kernel
|
The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive informati…
|
CWE-399
Resource Management Errors
|
CVE-2014-1444
|
2024-11-21 11:04 |
2014-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285702
|
- |
|
linux
|
linux_kernel
|
The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMM…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1438
|
2024-11-21 11:04 |
2014-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285703
|
- |
|
mcafee
|
vulnerability_manager
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to hijack the authentication of use…
|
CWE-352
Origin Validation Error
|
CVE-2014-1473
|
2024-11-21 11:04 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285704
|
- |
|
mcafee
|
vulnerability_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1472
|
2024-11-21 11:04 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285705
|
- |
|
csp_mysql_user_manager_project
|
csp_mysql_user_manager
|
SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
|
CWE-89
SQL Injection
|
CVE-2014-1466
|
2024-11-21 11:04 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285706
|
- |
|
conceptronic
|
c54apm_firmware
c54apm
|
The Conceptronic C54APM access point with runtime code 1.26 has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via an HTTP request, as …
|
CWE-255
Credentials Management
|
CVE-2014-1408
|
2024-11-21 11:04 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285707
|
- |
|
conceptronic
|
c54apm_firmware
c54apm
|
Multiple cross-site scripting (XSS) vulnerabilities on the Conceptronic C54APM access point with runtime code 1.26 allow remote attackers to inject arbitrary web script or HTML via (1) the submit-url…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1407
|
2024-11-21 11:04 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285708
|
- |
|
conceptronic
|
c54apm_firmware
c54apm
|
CRLF injection vulnerability in goform/formWlSiteSurvey on the Conceptronic C54APM access point with runtime code 1.26 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP respon…
|
CWE-20
Improper Input Validation
|
CVE-2014-1406
|
2024-11-21 11:04 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285709
|
- |
|
conceptronic
|
c54apm_firmware
c54apm
|
Multiple open redirect vulnerabilities on the Conceptronic C54APM access point with runtime code 1.26 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via …
|
CWE-20
Improper Input Validation
|
CVE-2014-1405
|
2024-11-21 11:04 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285710
|
9.8 |
CRITICAL
Network
|
huge-it
|
portfolio_gallery
|
A vulnerability classified as critical has been found in Portfolio Gallery Plugin up to 1.1.8 on WordPress. This affects an unknown part. The manipulation leads to sql injection. It is possible to in…
|
CWE-89
SQL Injection
|
CVE-2014-125101
|
2024-11-21 11:03 |
2023-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
