|
284721
|
- |
|
advantech
|
webaccess
|
Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8388
|
2024-11-21 11:19 |
2014-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284722
|
- |
|
redhat
|
tcpdump
|
tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Dist…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8769
|
2024-11-21 11:19 |
2014-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284723
|
- |
|
opensuse
canonical
oracle
redhat
|
opensuse
ubuntu_linux
solaris
tcpdump
|
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2014-8768
|
2024-11-21 11:19 |
2014-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284724
|
- |
|
redhat
|
tcpdump
|
Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR f…
|
CWE-189
Numeric Errors
|
CVE-2014-8767
|
2024-11-21 11:19 |
2014-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284725
|
- |
|
zte
|
zxhn_h108l_firmware
|
ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote attackers to modify the CWMP configuration via a crafted request to Forms/access_cwmp_1.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8493
|
2024-11-21 11:19 |
2014-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284726
|
- |
|
advantech
|
eki-6340_firmware
eki-6340
|
cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi.
|
CWE-78
OS Command
|
CVE-2014-8387
|
2024-11-21 11:19 |
2014-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284727
|
- |
|
debian
xen
opensuse
|
debian_linux
xen
opensuse
|
arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a craf…
|
CWE-17
Code
|
CVE-2014-8595
|
2024-11-21 11:19 |
2014-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284728
|
- |
|
opensuse
debian
xen
|
opensuse
debian_linux
xen
|
The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointe…
|
CWE-20
Improper Input Validation
|
CVE-2014-8594
|
2024-11-21 11:19 |
2014-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284729
|
- |
|
pandorafms
|
pandora_flexible_monitoring_system
|
Cross-site scripting (XSS) vulnerability in the Page visualization agents in Pandora FMS 5.1 SP1 and earlier allows remote attackers to inject arbitrary web script or HTML via the refr parameter to i…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8629
|
2024-11-21 11:19 |
2014-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284730
|
- |
|
mantisbt
|
mantisbt
|
The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to (1) upload arbitrary XML files via the import page or (2) obtain sensitive information via th…
|
CWE-19
Data Processing Errors
|
CVE-2014-8598
|
2024-11-21 11:19 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
