|
282761
|
- |
|
adobe
apple
microsoft
|
acrobat
mac_os_x
windows
acrobat_reader
|
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vec…
|
CWE-94
Code Injection
|
CVE-2014-9158
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282762
|
- |
|
logintoboggan_project
|
logintoboggan
|
Cross-site scripting (XSS) vulnerability in the Unified Login form in the LoginToboggan module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via uns…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9364
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282763
|
- |
|
meta_tags_quick_project
|
meta_tags_quick
|
Open redirect vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users to redirect users to arbitrary we…
|
NVD-CWE-Other
|
CVE-2014-9363
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282764
|
- |
|
meta_tags_quick_project
|
meta_tags_quick
|
Cross-site scripting (XSS) vulnerability in the path-based meta tag editing form in the Meta tags quick module 7.x-2.x before 7.x-2.8 for Drupal allows remote authenticated users with the "Edit path …
|
CWE-79
Cross-site Scripting
|
CVE-2014-9362
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282765
|
- |
|
logintoboggan_project
|
logintoboggan
|
The LoginToboggan module 7.x-1.x before 7.x-1.4 for Drupal does not properly unset the authorized user role for certain users, which allows remote attackers with the pre-authorized role to gain privi…
|
CWE-200
Information Exposure
|
CVE-2014-9361
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282766
|
- |
|
scalix
|
web_access
|
XML external entity (XXE) vulnerability in Scalix Web Access 11.4.6.12377 and 12.2.0.14697 allows remote attackers to read arbitrary files and trigger requests to intranet servers via a crafted reque…
|
NVD-CWE-Other
|
CVE-2014-9360
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282767
|
- |
|
intelliants
|
subrion
|
Cross-site scripting (XSS) vulnerability in Subrion CMS before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to subrion/search/.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9120
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282768
|
- |
|
icecast
|
icecast
|
Icecast before 2.4.0 does not change the supplementary group privileges when <changeowner> is configured, which allows local users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9091
|
2024-11-21 11:20 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282769
|
- |
|
scalix
|
web_access
|
Cross-site scripting (XSS) vulnerability in the mail administration login panel in Scalix Web Access 11.4.6.12377 allows remote attackers to inject arbitrary web script or HTML via unspecified vector…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9352
|
2024-11-21 11:20 |
2014-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282770
|
- |
|
teeworlds
|
teeworlds
|
engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service (crash) via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2014-9351
|
2024-11-21 11:20 |
2014-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
