|
286101
|
- |
|
tableausoftware
|
tableau_server
|
SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and 8.1.x before 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be…
|
CWE-89
SQL Injection
|
CVE-2014-1204
|
2024-11-21 11:03 |
2014-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286102
|
- |
|
eviware
smartbear
|
soapui
|
The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file.
|
CWE-94
Code Injection
|
CVE-2014-1202
|
2024-11-21 11:03 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286103
|
- |
|
apple
|
pages
mac_os_x
iphone_os
|
Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Microsoft W…
|
CWE-415
Double Free
|
CVE-2014-1252
|
2024-11-21 11:03 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286104
|
- |
|
apple
|
itunes
|
Apple iTunes before 11.1.4 uses HTTP for the iTunes Tutorials window, which allows man-in-the-middle attackers to spoof content by gaining control over the client-server data stream.
|
CWE-310
Cryptographic Issues
|
CVE-2014-1242
|
2024-11-21 11:03 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286105
|
- |
|
opensuse
lightdm_gtk\+_greeter_project
|
opensuse
lightdm_gtk\+_greeter
|
The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter before 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, wh…
|
NVD-CWE-Other
|
CVE-2014-0979
|
2024-11-21 11:03 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286106
|
- |
|
vmware
|
vcloud_director
|
Cross-site request forgery (CSRF) vulnerability in VMware vCloud Director 5.1.x before 5.1.3 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout.
|
CWE-352
Origin Validation Error
|
CVE-2014-1211
|
2024-11-21 11:03 |
2014-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286107
|
- |
|
vmware
|
esxi
workstation
fusion
player
esx
|
VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of …
|
NVD-CWE-Other
|
CVE-2014-1208
|
2024-11-21 11:03 |
2014-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286108
|
- |
|
vmware
|
esxi
esx
|
VMware ESXi 4.0 through 5.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (NULL pointer dereference) by intercepting and modifying Network File Copy (NFC) traffic.
|
NVD-CWE-Other
|
CVE-2014-1207
|
2024-11-21 11:03 |
2014-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286109
|
- |
|
openwebanalytics
|
open_web_analytics
|
SQL injection vulnerability in the password reset page in Open Web Analytics (OWA) before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owa_email_address parameter in a base…
|
CWE-89
SQL Injection
|
CVE-2014-1206
|
2024-11-21 11:03 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286110
|
- |
|
lorex_technology
lorextechnology
|
edge_lh310_firmware
edge
edge3_lh340_firmware
edge3
edge2_lh330_firmware
edge2
edge\+_lh320_firmware
edge\+
|
Buffer overflow in the INetViewX ActiveX control in the Lorex Edge LH310 and Edge+ LH320 series with firmware 7-35-28-1B26E, Edge2 LH330 series with firmware 11.17.38-33_1D97A, and Edge3 LH340 series…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1201
|
2024-11-21 11:03 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
