|
280161
|
7.5 |
HIGH
Network
|
aircrack-ng
|
aircrack-ng
|
buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.
|
CWE-20
Improper Input Validation
|
CVE-2014-8323
|
2024-11-21 11:18 |
2017-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280162
|
6.1 |
MEDIUM
Network
|
post_highlights_projects
|
post_highlights
|
Cross-site scripting (XSS) vulnerability in the post highlights plugin before 2.6.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the txt parameter in a headline ac…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8087
|
2024-11-21 11:18 |
2017-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280163
|
7.5 |
HIGH
Network
|
ovirt
redhat
|
ovirt
ovirt-engine
|
oVirt 3.2.2 through 3.5.0 does not invalidate the restapi session after logout from the webadmin, which allows remote authenticated users with knowledge of another user's session data to gain that us…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7851
|
2024-11-21 11:18 |
2017-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280164
|
8.8 |
HIGH
Network
|
ovirt
|
ovirt-node
|
ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, …
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2014-8170
|
2024-11-21 11:18 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280165
|
7.8 |
HIGH
Local
|
fso-frameworkd_project
fso-gsmd_project
fso-usaged_project
phonefsod_project
|
fso-frameworkd
fso-gsmd
fso-usaged
phonefsod
|
The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in fso-gsmd 0.12.0-3, fso-frameworkd 0.9.5.9+git20110512-4, and fso-usaged 0.12.0-2 as packaged in Debian, the upstream cornucopia.git (…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8156
|
2024-11-21 11:18 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280166
|
9.8 |
CRITICAL
Network
|
redhat
|
edeploy
|
eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP to download files.
|
CWE-200
Information Exposure
|
CVE-2014-8174
|
2024-11-21 11:18 |
2017-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280167
|
7.5 |
HIGH
Network
|
apache
|
wicket
|
Apache Wicket before 1.5.13, 6.x before 6.19.0, and 7.x before 7.0.0-M5 make it easier for attackers to defeat a cryptographic protection mechanism and predict encrypted URLs by leveraging use of Cry…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7808
|
2024-11-21 11:18 |
2017-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280168
|
6.5 |
MEDIUM
Network
|
redhat
|
satellite
|
Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5.
|
CWE-22
Path Traversal
|
CVE-2014-8163
|
2024-11-21 11:18 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280169
|
6.1 |
MEDIUM
Local
|
redhat
|
satellite
|
Red Hat Satellite 6 allows local users to access mongod and delete pulp_database.
|
CWE-284
Improper Access Control
|
CVE-2014-8168
|
2024-11-21 11:18 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280170
|
5.3 |
MEDIUM
Network
|
d-link
|
dns-327l_firmware
dns-320l_firmware
|
The web/web_file/fb_publish.php script in D-Link DNS-320L before 1.04b12 and DNS-327L before 1.03b04 Build0119 does not authenticate requests, which allows remote attackers to obtain arbitrary photos…
|
CWE-287
CWE-200
Improper Authentication
Information Exposure
|
CVE-2014-7860
|
2024-11-21 11:18 |
2017-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
