|
281951
|
6.1 |
MEDIUM
Network
|
netsweeper
|
netsweeper
|
Cross-site scripting (XSS) vulnerability in remotereporter/load_logfiles.php in Netsweeper 4.0.3 and 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9607
|
2024-11-21 11:21 |
2020-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281952
|
6.1 |
MEDIUM
Network
|
netsweeper
|
netsweeper
|
Multiple cross-site scripting (XSS) vulnerabilities in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) s…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9606
|
2024-11-21 11:21 |
2020-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281953
|
9.8 |
CRITICAL
Network
|
atutor
|
atutor
|
confirm.php in ATutor 2.2 and earlier allows remote attackers to bypass authentication and gain access as an existing user via the auto_login parameter.
|
CWE-287
Improper Authentication
|
CVE-2014-9753
|
2024-11-21 11:21 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281954
|
8.1 |
HIGH
Network
|
libuv
nodejs
|
libuv
node.js
|
The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cau…
|
CWE-362
Race Condition
|
CVE-2014-9748
|
2024-11-21 11:21 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281955
|
9.8 |
CRITICAL
Network
|
nwjs
|
nw
|
A vulnerability exists in nw.js before 0.11.3 when calling nw methods from normal frames, which has an unspecified impact.
|
NVD-CWE-noinfo
|
CVE-2014-9530
|
2024-11-21 11:21 |
2020-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281956
|
7.8 |
HIGH
Local
|
videolan
|
vlc_media_player
|
The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9630
|
2024-11-21 11:21 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281957
|
7.8 |
HIGH
Local
|
videolan
|
vlc_media_player
|
Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player before 2.1.6 and 2.2.x before 2.2.1 allows remote attackers to conduct buffer overflow attacks and…
|
CWE-120
Classic Buffer Overflow
|
CVE-2014-9629
|
2024-11-21 11:21 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281958
|
7.8 |
HIGH
Local
|
videolan
|
vlc_media_player
|
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow a…
|
CWE-120
Classic Buffer Overflow
|
CVE-2014-9628
|
2024-11-21 11:21 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281959
|
7.8 |
HIGH
Local
|
videolan
|
vlc_media_player
|
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows re…
|
CWE-704
Incorrect Type Conversion or Cast
|
CVE-2014-9627
|
2024-11-21 11:21 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281960
|
7.8 |
HIGH
Local
|
videolan
|
vlc_media_player
|
Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unsp…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2014-9626
|
2024-11-21 11:21 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
