|
283431
|
- |
|
opensuse
cacti
|
opensuse
cacti
|
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the (1) drp_action parameter to cdef.php, (2) data_input.php, (3)…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4002
|
2024-11-21 11:09 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283432
|
- |
|
kanboard
|
kanboard
|
Cross-site request forgery (CSRF) vulnerability in Kanboard before 1.0.6 allows remote attackers to hijack the authentication of administrators for requests that add an administrative user via a save…
|
CWE-352
Origin Validation Error
|
CVE-2014-3920
|
2024-11-21 11:09 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283433
|
- |
|
kerio
|
control
|
Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) before 8.3.2 allow remote authenticated users to execute arbitrary SQL commands via th…
|
CWE-89
SQL Injection
|
CVE-2014-3857
|
2024-11-21 11:09 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283434
|
- |
|
silex
|
sx-2000wg_firmware
|
silex SX-2000WG devices with firmware before 1.5.4 allow remote attackers to cause a denial of service (connectivity outage) via a crafted IP packet, a different vulnerability than CVE-2014-3889.
|
CWE-20
Improper Input Validation
|
CVE-2014-3890
|
2024-11-21 11:09 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283435
|
- |
|
silex
|
sx-2000wg_firmware
|
silex SX-2000WG devices with firmware before 1.5.4 allow remote attackers to cause a denial of service (connectivity outage) via crafted data in the Options field of a TCP header, a different vulnera…
|
CWE-20
Improper Input Validation
|
CVE-2014-3889
|
2024-11-21 11:09 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283436
|
- |
|
intercom
|
web_kyukincho
|
Cross-site request forgery (CSRF) vulnerability in Intercom Web Kyukincho 3.x before 3.0.030 allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2014-3881
|
2024-11-21 11:09 |
2014-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283437
|
- |
|
longtailvideo
|
jw_player_for_flash_\&_html5_video_plugin
|
Cross-site request forgery (CSRF) vulnerability in the JW Player plugin before 2.1.4 for WordPress allows remote attackers to hijack the authentication of administrators for requests that remove play…
|
CWE-352
Origin Validation Error
|
CVE-2014-4030
|
2024-11-21 11:09 |
2014-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283438
|
- |
|
12net
|
login_rebuilder
|
Cross-site request forgery (CSRF) vulnerability in the Login rebuilder plugin before 1.2.0 for WordPress allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2014-3882
|
2024-11-21 11:09 |
2014-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283439
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement the interaction between range notification and hole punching, which allows local users to cause a denial of service (i_mutex …
|
NVD-CWE-Other
|
CVE-2014-4171
|
2024-11-21 11:09 |
2014-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283440
|
- |
|
linux
|
linux_kernel
|
arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 on the MIPS platform does not configure _TIF_SECCOMP checks on the fast system-call path, which allows local users to bypass inte…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4157
|
2024-11-21 11:09 |
2014-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
