|
285431
|
7.5 |
HIGH
Network
|
google
|
android
|
WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and poten…
|
CWE-19
Data Processing Errors
|
CVE-2014-0997
|
2024-11-21 11:03 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285432
|
7.8 |
HIGH
Local
|
graphviz
|
graphviz
|
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1235
|
2024-11-21 11:03 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285433
|
- |
|
sendio
|
sendio
|
Sendio before 7.2.4 includes the session identifier in URLs in emails, which allows remote attackers to obtain sensitive information and hijack sessions by reading the jsessionid parameter in the Ref…
|
CWE-200
Information Exposure
|
CVE-2014-0999
|
2024-11-21 11:03 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285434
|
- |
|
ibm
|
db2
|
IBM DB2 9.5 through 10.5 on Linux, UNIX, and Windows stores passwords during the processing of certain SQL statements by the monitoring and audit facilities, which allows remote authenticated users t…
|
CWE-200
Information Exposure
|
CVE-2014-0919
|
2024-11-21 11:03 |
2015-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285435
|
- |
|
freebsd
|
freebsd
|
Integer signedness error in the vt console driver (formerly Newcons) in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service (crash) and possibly gain privileges …
|
CWE-189
Numeric Errors
|
CVE-2014-0998
|
2024-11-21 11:03 |
2015-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285436
|
- |
|
domphp
|
domphp
|
SQL injection vulnerability in agenda/indexdate.php in DomPHP 0.83 and earlier allows remote attackers to execute arbitrary SQL commands via the ids parameter.
|
CWE-89
SQL Injection
|
CVE-2014-10038
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285437
|
- |
|
domphp
|
domphp
|
Directory traversal vulnerability in DomPHP 0.83 and earlier allows remote attackers to have unspecified impact via a .. (dot dot) in the url parameter to photoalbum/index.php.
|
CWE-22
Path Traversal
|
CVE-2014-10037
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285438
|
- |
|
jetbrains
|
teamcity
|
Cross-site scripting (XSS) vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to inject arbitrary web script or HTML via the cameFromUrl parameter to feed/generateFeedUrl.html.
|
CWE-79
Cross-site Scripting
|
CVE-2014-10036
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285439
|
- |
|
couponphp
|
couponphp
|
Multiple cross-site scripting (XSS) vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to inject arbitrary web script or HTML via the (1) sEcho parameter to comme…
|
CWE-79
Cross-site Scripting
|
CVE-2014-10035
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285440
|
- |
|
couponphp
|
couponphp
|
Multiple SQL injection vulnerabilities in the admin area in couponPHP before 1.2.0 allow remote administrators to execute arbitrary SQL commands via the (1) iDisplayLength or (2) iDisplayStart parame…
|
CWE-89
SQL Injection
|
CVE-2014-10034
|
2024-11-21 11:03 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
