|
279401
|
- |
|
sap
|
commoncryptolib
sapcryptolib
sapseculib
hana
netweaver
|
SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote attackers to spoof Digital Signature Algorithm (DSA) sign…
|
CWE-310
Cryptographic Issues
|
CVE-2014-8587
|
2024-11-21 11:19 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279402
|
- |
|
cp_multi_view_event_calendar_project
|
cp_multi_view_event_calendar
|
SQL injection vulnerability in the CP Multi View Event Calendar plugin 1.01 for WordPress allows remote attackers to execute arbitrary SQL commands via the calid parameter.
|
CWE-89
SQL Injection
|
CVE-2014-8586
|
2024-11-21 11:19 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279403
|
- |
|
wpdownloadmanager
|
wordpress_download_manager
|
Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the fname parameter to (1) views/file_do…
|
CWE-59
Link Following
|
CVE-2014-8585
|
2024-11-21 11:19 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279404
|
- |
|
web-dorado
|
web-dorado_spider_video_player
|
Cross-site scripting (XSS) vulnerability in the Web Dorado Spider Video Player (aka WordPress Video Player) plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8584
|
2024-11-21 11:19 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279405
|
- |
|
estsoft
|
alupdate
|
ESTsoft ALUpdate 8.5.1.0.0 uses weak permissions (Users: Full Control) for the (1) AlUpdate folder and (2) AlUpdate.exe, which allows local users to gain privileges via a Trojan horse file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8494
|
2024-11-21 11:19 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279406
|
- |
|
fortinet
|
coyote_point_equalizer_firmware
coyote_point_equalizer
fortiadc_firmware
fortiadc-1000e
fortiadc-300e
fortiadc-400e
fortiadc-600e
|
FortiNet FortiADC-E with firmware 3.1.1 before 4.0.5 and Coyote Point Equalizer with firmware 10.2.0a allows remote attackers to obtain access to arbitrary subnets via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-8582
|
2024-11-21 11:19 |
2014-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279407
|
- |
|
openstack
|
horizon
|
Cross-site scripting (XSS) vulnerability in the Groups panel in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8578
|
2024-11-21 11:19 |
2014-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279408
|
- |
|
croogo
|
croogo
|
Multiple cross-site scripting (XSS) vulnerabilities in Croogo before 2.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) data[Contact][title] parameter to admin/contacts/c…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8577
|
2024-11-21 11:19 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279409
|
- |
|
bittorrent
|
bootstrap-dht
|
The lazy_bdecode function in BitTorrent bootstrap-dht (aka Bootstrap) allows remote attackers to execute arbitrary code via a crafted packet, which triggers an out-of-bounds read, related to "Imprope…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8509
|
2024-11-21 11:19 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279410
|
- |
|
citrix
|
xenmobile
|
Citrix XenMobile MDX Toolkit before 9.0.4, when used to wrap iOS 8 applications, does not properly encrypt cached application data, which allows context-dependent attackers to obtain sensitive inform…
|
CWE-310
Cryptographic Issues
|
CVE-2014-8495
|
2024-11-21 11:19 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
