|
279341
|
8.8 |
HIGH
Network
|
huawei
|
fusionmanager
usg9500_firmware
usg2100_firmware
usg2200_firmware
usg5100_firmware
usg5500_firmware
|
Huawei FusionManager with software V100R002C03 and V100R003C00 could allow an unauthenticated, remote attacker to conduct a CSRF attack against the user of the web interface.
|
CWE-352
Origin Validation Error
|
CVE-2014-9136
|
2024-11-21 11:20 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279342
|
7.8 |
HIGH
Local
|
opensuse
fedoraproject
kernel
|
opensuse
fedora
util-linux
|
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.
|
CWE-77
Command Injection
|
CVE-2014-9114
|
2024-11-21 11:20 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279343
|
9.8 |
CRITICAL
Network
|
linux
|
linux_kernel
|
The vfe31_proc_general function in drivers/media/video/msm/vfe/msm_vfe31.c in the MSM-VFE31 driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM…
|
CWE-20
Improper Input Validation
|
CVE-2014-9410
|
2024-11-21 11:20 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279344
|
- |
|
advantech
|
webaccess
|
Multiple stack-based buffer overflows in an unspecified DLL file in Advantech WebAccess before 8.0_20150816 allow remote attackers to execute arbitrary code via a crafted file that triggers long stri…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9202
|
2024-11-21 11:20 |
2015-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279345
|
- |
|
symantec
|
endpoint_protection
|
Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL …
|
CWE-89
SQL Injection
|
CVE-2014-9229
|
2024-11-21 11:20 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279346
|
- |
|
symantec
|
endpoint_protection
|
sysplant.sys in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allows local users to cause a denial of service (blocked system shutdown) by triggering an unspecified deadlo…
|
CWE-399
Resource Management Errors
|
CVE-2014-9228
|
2024-11-21 11:20 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279347
|
- |
|
symantec
|
endpoint_protection
|
Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecifi…
|
NVD-CWE-Other
|
CVE-2014-9227
|
2024-11-21 11:20 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279348
|
- |
|
advantech
|
webaccess
|
Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8.0.1 allow remote attackers to execute arbitrary code via unknown vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9208
|
2024-11-21 11:20 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279349
|
- |
|
mantisbt
|
mantisbt
|
Cross-site scripting (XSS) vulnerability in the "set configuration" box in the Configuration Report page (adm_config_report.php) in MantisBT 1.2.13 through 1.2.17 allows remote administrators to inje…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8987
|
2024-11-21 11:20 |
2015-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279350
|
- |
|
eaton
|
proview
|
Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for rem…
|
CWE-254
7PK - Security Features
|
CVE-2014-9196
|
2024-11-21 11:20 |
2015-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
