|
285551
|
- |
|
eset
|
personal_firewall_ndis_filter
|
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local us…
|
CWE-200
Information Exposure
|
CVE-2014-4974
|
2024-11-21 11:11 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285552
|
- |
|
expressionengine
ellislab
|
expressionengine
|
Multiple SQL injection vulnerabilities in EllisLab ExpressionEngine before 2.9.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) column_filter or (2) category[] paramet…
|
CWE-89
SQL Injection
|
CVE-2014-5387
|
2024-11-21 11:11 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285553
|
- |
|
ffmpeg
|
ffmpeg
|
libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2.3.2 allows remote attackers to have unspecified impact via a crafted iff image, which triggers an …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5272
|
2024-11-21 11:11 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285554
|
- |
|
ffmpeg
libav
|
ffmpeg
libav
|
Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 al…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5271
|
2024-11-21 11:11 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285555
|
- |
|
gnu
|
wget
|
Absolute path traversal vulnerability in GNU Wget before 1.16, when recursion is enabled, allows remote FTP servers to write to arbitrary files, and consequently execute arbitrary code, via a LIST re…
|
CWE-22
Path Traversal
|
CVE-2014-4877
|
2024-11-21 11:11 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285556
|
- |
|
xen
|
xen
|
Xen 4.4.x, when running on an ARM system and "handling an unknown system register access from 64-bit userspace," returns to an instruction of the trap handler for kernel space faults instead of an in…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5148
|
2024-11-21 11:11 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285557
|
- |
|
redhat
igniterealtime
|
jboss_fuse
smack_api
|
The Ignite Realtime Smack XMPP API 4.x before 4.0.2, and 3.x and 2.x when a custom SSLContext is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN)…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5075
|
2024-11-21 11:11 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285558
|
- |
|
zohocorp
|
manageengine_desktop_central
|
Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. (dot dot) in the fileName parameter to mdm/…
|
CWE-22
Path Traversal
|
CVE-2014-5006
|
2024-11-21 11:11 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285559
|
- |
|
zohocorp
|
manageengine_desktop_central
|
Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. (dot dot) in the fileName parameter in an L…
|
CWE-22
Path Traversal
|
CVE-2014-5005
|
2024-11-21 11:11 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285560
|
- |
|
playstudio
|
brisbane_\&_queensland_alert
|
The Brisbane & Queensland Alert (aka com.queensland.alert) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers a…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4906
|
2024-11-21 11:11 |
2014-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
