|
284341
|
- |
|
ijianren
|
jian_ren
|
The Jian Ren (aka cn.sh.scustom.janren) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensiti…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7001
|
2024-11-21 11:16 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284342
|
- |
|
paulalexanderformayor
|
paul_alexander_campaign
|
The Paul Alexander Campaign (aka hr.apps.n51261427) application 4.5.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and ob…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7000
|
2024-11-21 11:16 |
2014-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284343
|
- |
|
twiki
microsoft
|
twiki
windows
|
lib/TWiki/Sandbox.pm in TWiki 6.0.0 and earlier, when running on Windows, allows remote attackers to bypass intended access restrictions and upload files with restricted names via a null byte (%00) i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7237
|
2024-11-21 11:16 |
2014-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284344
|
- |
|
debian
|
apt
advanced_package_tool
|
The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file.
|
CWE-59
Link Following
|
CVE-2014-7206
|
2024-11-21 11:16 |
2014-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284345
|
- |
|
kriesi
|
enfold
|
Unspecified vulnerability in the folder framework in the Enfold theme before 3.0.1 for WordPress has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2014-7297
|
2024-11-21 11:16 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284346
|
- |
|
linux
|
linux_kernel
|
The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initial…
|
CWE-200
Information Exposure
|
CVE-2014-7284
|
2024-11-21 11:16 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284347
|
- |
|
linux
redhat
|
linux_kernel
mrg_realtime
|
The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a …
|
CWE-399
Resource Management Errors
|
CVE-2014-7283
|
2024-11-21 11:16 |
2014-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284348
|
- |
|
kevin_renskers
|
dmmjobcontrol
|
Multiple SQL injection vulnerabilities in the search function in pi1/class.tx_dmmjobcontrol_pi1.php in the JobControl (dmmjobcontrol) extension 2.14.0 and earlier for TYPO3 allow remote attackers to …
|
CWE-89
SQL Injection
|
CVE-2014-7201
|
2024-11-21 11:16 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284349
|
- |
|
kevin_renskers
|
dmmjobcontrol
|
Cross-site scripting (XSS) vulnerability in pi1/class.tx_dmmjobcontrol_pi1.php in the JobControl (dmmjobcontrol) extension 2.14.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7200
|
2024-11-21 11:16 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284350
|
- |
|
cfdbplugin
|
contact_form_db
|
Multiple cross-site scripting (XSS) vulnerabilities in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin before 2.8.16 for WordPress allow remote attackers to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7139
|
2024-11-21 11:16 |
2014-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
