|
284851
|
- |
|
joshua_peek
|
rack-ssl
|
Cross-site scripting (XSS) vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be prop…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2538
|
2024-11-21 11:06 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284852
|
6.1 |
MEDIUM
Network
|
barracudadrive
|
barracudadrive
|
Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive before 6.7 allow remote attackers to inject arbitrary web script or HTML via the (1) sForumName or (2) sDescription parameter to …
|
CWE-79
Cross-site Scripting
|
CVE-2014-2526
|
2024-11-21 11:06 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284853
|
- |
|
openstack
|
compute
|
The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denia…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2573
|
2024-11-21 11:06 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284854
|
- |
|
opensuse
icinga
|
opensuse
icinga
|
Multiple off-by-one errors in Icinga, possibly 1.10.2 and earlier, allow remote attackers to cause a denial of service (crash) via unspecified vectors to the (1) display_nav_table, (2) print_export_l…
|
CWE-189
Numeric Errors
|
CVE-2014-2386
|
2024-11-21 11:06 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284855
|
- |
|
net-snmp
|
net-snmp
|
The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a deni…
|
CWE-20
Improper Input Validation
|
CVE-2014-2284
|
2024-11-21 11:06 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284856
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
Use-after-free vulnerability in the nfqnl_zcopy function in net/netfilter/nfnetlink_queue_core.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory…
|
CWE-416
Use After Free
|
CVE-2014-2568
|
2024-11-21 11:06 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284857
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibl…
|
CWE-20
Improper Input Validation
|
CVE-2014-2523
|
2024-11-21 11:06 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284858
|
- |
|
sonicwall
|
nsa_2400
|
Cross-site scripting (XSS) vulnerability in the Dashboard Backend service (stats/dashboard.jsp) in SonicWall Network Security Appliance (NSA) 2400 allows remote attackers to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2589
|
2024-11-21 11:06 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284859
|
- |
|
mcafee
|
asset_manager
|
Directory traversal vulnerability in servlet/downloadReport in McAfee Asset Manager 6.6 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the reportFileName parameter.
|
CWE-22
Path Traversal
|
CVE-2014-2588
|
2024-11-21 11:06 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284860
|
- |
|
mcafee
|
asset_manager
|
SQL injection vulnerability in jsp/reports/ReportsAudit.jsp in McAfee Asset Manager 6.6 allows remote authenticated users to execute arbitrary SQL commands via the username of an audit report (aka us…
|
CWE-89
SQL Injection
|
CVE-2014-2587
|
2024-11-21 11:06 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
