|
281741
|
- |
|
moodle
|
moodle
|
lib/classes/grades_external.php in Moodle 2.7.x before 2.7.3 does not consider the moodle/grade:viewhidden capability before displaying hidden grades, which allows remote authenticated users to obtai…
|
CWE-200
Information Exposure
|
CVE-2014-7831
|
2024-11-21 11:18 |
2014-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281742
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote au…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7830
|
2024-11-21 11:18 |
2014-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281743
|
- |
|
ruby-lang
|
ruby
|
The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption)…
|
NVD-CWE-Other
|
CVE-2014-8090
|
2024-11-21 11:18 |
2014-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281744
|
- |
|
open-xchange
|
open-xchange_appsuite
|
SQL injection vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev36 and 7.6.x before 7.6.0-rev23 allows remote authenticated users to execute arbitrary SQL commands via a crafted jslob API c…
|
CWE-89
SQL Injection
|
CVE-2014-7871
|
2024-11-21 11:18 |
2014-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281745
|
- |
|
cisco
|
unified_communications_manager_im_and_presence_service
|
Cisco Unified Communications Manager IM and Presence Service 9.1(1) produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enum…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8000
|
2024-11-21 11:18 |
2014-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281746
|
- |
|
freeipa
|
freeipa
|
FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled, allows remote attackers to bypass the password requirement of the two-factor authentication leveraging an enabled OTP token, wh…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7828
|
2024-11-21 11:18 |
2014-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281747
|
- |
|
google
|
chrome
|
Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-7910
|
2024-11-21 11:18 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281748
|
- |
|
google
|
chrome
|
effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before 39.0.2171.65, computes a hash key using uninitialized integer values, which might allow remote attackers to cause a denial of ser…
|
CWE-189
Numeric Errors
|
CVE-2014-7909
|
2024-11-21 11:18 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281749
|
- |
|
google
|
chrome
|
Multiple integer overflows in the CheckMov function in media/base/container_names.cc in Google Chrome before 39.0.2171.65 allow remote attackers to cause a denial of service or possibly have unspecif…
|
CWE-189
Numeric Errors
|
CVE-2014-7908
|
2024-11-21 11:18 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281750
|
- |
|
google
|
chrome
|
Multiple use-after-free vulnerabilities in modules/screen_orientation/ScreenOrientationController.cpp in Blink, as used in Google Chrome before 39.0.2171.65, allow remote attackers to cause a denial …
|
CWE-399
Resource Management Errors
|
CVE-2014-7907
|
2024-11-21 11:18 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
