|
284211
|
- |
|
twiki
|
twiki
|
Multiple cross-site scripting (XSS) vulnerabilities in TWiki 6.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) QUERYSTRING variable in lib/TWiki.pm or (2) QUERYPARAMSTRI…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9325
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284212
|
- |
|
minibb
|
minibb
|
bb_func_unsub.php in MiniBB 3.1 before 20141127 uses an incorrect regular expression, which allows remote attackers to conduct SQl injection attacks via the code parameter in an unsubscribe action to…
|
CWE-89
SQL Injection
|
CVE-2014-9254
|
2024-11-21 11:20 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284213
|
- |
|
php
|
php
|
The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attacke…
|
CWE-17
Code
|
CVE-2014-9426
|
2024-11-21 11:20 |
2014-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284214
|
- |
|
php
apple
|
php
mac_os_x
|
Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of…
|
NVD-CWE-Other
|
CVE-2014-9425
|
2024-11-21 11:20 |
2014-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284215
|
- |
|
openbsd
|
libressl
|
Double free vulnerability in the ssl_parse_clienthello_use_srtp_ext function in d1_srtp.c in LibreSSL before 2.1.2 allows remote attackers to cause a denial of service or possibly have unspecified ot…
|
NVD-CWE-Other
|
CVE-2014-9424
|
2024-11-21 11:20 |
2014-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284216
|
- |
|
schneider_electric
|
proclima
|
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9188
|
2024-11-21 11:20 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284217
|
- |
|
linux
|
linux_kernel
|
The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service…
|
CWE-399
Resource Management Errors
|
CVE-2014-9420
|
2024-11-21 11:20 |
2014-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284218
|
- |
|
linux
|
linux_kernel
|
The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, …
|
CWE-200
Information Exposure
|
CVE-2014-9419
|
2024-11-21 11:20 |
2014-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284219
|
- |
|
huawei
|
espace_desktop
|
The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Desktop before V200R001C03 allows local users to cause a denial of service (memory overflow) via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9418
|
2024-11-21 11:20 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284220
|
- |
|
huawei
|
espace_desktop
|
The Meeting component in Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted image.
|
CWE-20
Improper Input Validation
|
CVE-2014-9417
|
2024-11-21 11:20 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
