|
284051
|
- |
|
kennziffer
|
ke_questionnaire
|
The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses predictable names for the questionnaire answer forms, which makes it easier for remote attackers to obtain sensitive information via a …
|
CWE-200
Information Exposure
|
CVE-2014-8874
|
2024-11-21 11:19 |
2014-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284052
|
- |
|
gleamtech
|
filevista
|
GleamTech FileVista before 6.1 allows remote authenticated users to create arbitrary files and possibly execute arbitrary code via a crafted path in a zip archive, which is not properly handled durin…
|
CWE-20
Improper Input Validation
|
CVE-2014-8789
|
2024-11-21 11:19 |
2014-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284053
|
- |
|
gleamtech
|
filevista
|
GleamTech FileVista before 6.1 allows remote authenticated users to obtain sensitive information via a crafted path when saving a zip file, which reveals the installation path in an error message.
|
CWE-200
Information Exposure
|
CVE-2014-8788
|
2024-11-21 11:19 |
2014-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284054
|
- |
|
ad-manager_project
|
ad-manager
|
Open redirect vulnerability in track-click.php in the Ad-Manager plugin 1.1.2 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in …
|
NVD-CWE-Other
|
CVE-2014-8754
|
2024-11-21 11:19 |
2014-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284055
|
- |
|
subex
|
roc_fraud_management_system
|
SQL injection vulnerability in the login page (login/login) in Subex ROC Fraud Management (aka Fraud Management System and FMS) 7.4 and earlier allows remote attackers to execute arbitrary SQL comman…
|
CWE-89
SQL Injection
|
CVE-2014-8728
|
2024-11-21 11:19 |
2014-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284056
|
- |
|
enalean
|
tuleap
|
project/register.php in Tuleap before 7.7, when sys_create_project_in_one_step is disabled, allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code vi…
|
CWE-94
Code Injection
|
CVE-2014-8791
|
2024-11-21 11:19 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284057
|
- |
|
redhat
xen
debian
opensuse
|
enterprise_linux
enterprise_linux_desktop
xen
debian_linux
opensuse
|
The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM…
|
CWE-17
Code
|
CVE-2014-8867
|
2024-11-21 11:19 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284058
|
- |
|
debian
xen
opensuse
|
debian_linux
xen
opensuse
|
The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vec…
|
CWE-17
Code
|
CVE-2014-8866
|
2024-11-21 11:19 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284059
|
- |
|
ait-pro
|
bulletproof_security
|
Server-side request forgery (SSRF) vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote attackers to trigger outbound requests tha…
|
NVD-CWE-noinfo
|
CVE-2014-8749
|
2024-11-21 11:19 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284060
|
- |
|
linux
|
linux_kernel
|
Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8884
|
2024-11-21 11:19 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
