|
279191
|
- |
|
debian
xen
opensuse
|
debian_linux
xen
opensuse
|
The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vec…
|
CWE-17
Code
|
CVE-2014-8866
|
2024-11-21 11:19 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279192
|
- |
|
ait-pro
|
bulletproof_security
|
Server-side request forgery (SSRF) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote attackers to trigger outbound requests tha…
|
NVD-CWE-noinfo
|
CVE-2014-8749
|
2024-11-21 11:19 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279193
|
- |
|
linux
|
linux_kernel
|
Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8884
|
2024-11-21 11:19 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279194
|
- |
|
strangerstudios
|
paid_memberships_pro
|
Directory traversal vulnerability in services/getfile.php in the Paid Memberships Pro plugin before 1.7.15 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the QUER…
|
CWE-22
Path Traversal
|
CVE-2014-8801
|
2024-11-21 11:19 |
2014-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279195
|
- |
|
dukapress
|
dukapress
|
Directory traversal vulnerability in the dp_img_resize function in php/dp-functions.php in the DukaPress plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (do…
|
CWE-22
Path Traversal
|
CVE-2014-8799
|
2024-11-21 11:19 |
2014-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279196
|
- |
|
xavoc
|
xepan_cms
|
Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and earlier allows remote attackers to hijack the authentication of administrators for requests t…
|
CWE-352
Origin Validation Error
|
CVE-2014-8429
|
2024-11-21 11:19 |
2014-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279197
|
- |
|
arris
|
vap2500_firmware
|
The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files.
|
CWE-200
Information Exposure
|
CVE-2014-8425
|
2024-11-21 11:19 |
2014-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279198
|
- |
|
arris
|
vap2500_firmware
|
ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication.
|
CWE-287
Improper Authentication
|
CVE-2014-8424
|
2024-11-21 11:19 |
2014-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279199
|
- |
|
arris
|
vap2500_firmware
|
Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to execute arbitrary commands via unknown vectors.
|
CWE-74
Injection
|
CVE-2014-8423
|
2024-11-21 11:19 |
2014-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279200
|
- |
|
wibu
|
codemeter_runtime
|
Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read and write access for all users) for codemeter.exe, which allows local users to gain privileges via a Trojan horse file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8419
|
2024-11-21 11:19 |
2014-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
