|
278931
|
- |
|
unzip_project
canonical
debian
fedoraproject
|
unzip
ubuntu_linux
debian_linux
fedora
|
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip arc…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9636
|
2024-11-21 11:21 |
2015-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278932
|
- |
|
avg
|
protection
internet_security
|
The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 Hot Fix 18 and 2015.x before 2015.5315 and Protection before 2015.5315 allows local users to write to arbitrary memory locations…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9632
|
2024-11-21 11:21 |
2015-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278933
|
- |
|
m2_technologies
|
optimalsite
|
Cross-site scripting (XSS) vulnerability in display_dialog.php in M2 OptimalSite 0.1 and 2.4 allows remote attackers to inject arbitrary web script or HTML via the image parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9562
|
2024-11-21 11:21 |
2015-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278934
|
- |
|
comodo
|
backup
|
The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote attackers to gain privileges via a crafted device handle, which triggers a NULL pointer dereference.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9633
|
2024-11-21 11:21 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278935
|
- |
|
fluxbb
|
fluxbb
|
Directory traversal vulnerability in install.php in FluxBB before 1.5.8 allows remote attackers to include and execute arbitrary local install.php files via a .. (dot dot) in the install_lang paramet…
|
CWE-22
Path Traversal
|
CVE-2014-9574
|
2024-11-21 11:21 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278936
|
- |
|
voxpupuli
|
rabbitmq
|
puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie value in the facts of a node, which allows local users to obtain sensitive information as demonstrated by using Facter.
|
CWE-200
Information Exposure
|
CVE-2014-9568
|
2024-11-21 11:21 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278937
|
- |
|
snipsnap
|
snipsnap
|
Cross-site scripting (XSS) vulnerability in SnipSnap 0.5.2a, 1.0b1, and 1.0b2 allows remote attackers to inject arbitrary web script or HTML via the query parameter to /snipsnap-search.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9559
|
2024-11-21 11:21 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278938
|
- |
|
libmspack_project
|
libmspack
|
Integer overflow in the qtmd_decompress function in libmspack 0.4 allows remote attackers to cause a denial of service (hang) via a crafted CAB file, which triggers an infinite loop.
|
CWE-189
Numeric Errors
|
CVE-2014-9556
|
2024-11-21 11:21 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278939
|
- |
|
vmware
|
rabbitmq
|
CRLF injection vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks…
|
NVD-CWE-Other
|
CVE-2014-9650
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278940
|
- |
|
vmware
|
rabbitmq
|
Cross-site scripting (XSS) vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9649
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
