|
291221
|
- |
|
papercut
|
papercut_mf
|
Unspecified vulnerability in the print release functionality in PaperCut MF before 14.1 (Build 26983) has unknown impact and remote vectors, related to embedded MFPs.
|
NVD-CWE-noinfo
|
CVE-2014-2657
|
2024-11-21 11:06 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291222
|
- |
|
dompdf
|
dompdf
|
dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the i…
|
CWE-200
Information Exposure
|
CVE-2014-2383
|
2024-11-21 11:06 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291223
|
- |
|
net-snmp
|
net-snmp
|
The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptr…
|
CWE-20
Improper Input Validation
|
CVE-2014-2285
|
2024-11-21 11:06 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291224
|
- |
|
xcloner
|
xcloner
|
Multiple cross-site request forgery (CSRF) vulnerabilities in XCloner Standalone 3.5 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) change the…
|
CWE-352
Origin Validation Error
|
CVE-2014-2579
|
2024-11-21 11:06 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291225
|
- |
|
ektron
|
ektron_content_management_system
|
Cross-site scripting (XSS) vulnerability in content.aspx in Ektron CMS 8.7 before 8.7.0.055 allows remote authenticated users to inject arbitrary web script or HTML via the category0 parameter, which…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2729
|
2024-11-21 11:06 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291226
|
- |
|
ruby-lang
|
ruby
|
The openssl extension in Ruby 2.x does not properly maintain the state of process memory after a file is reopened, which allows remote attackers to spoof signatures within the context of a Ruby scrip…
|
CWE-399
Resource Management Errors
|
CVE-2014-2734
|
2024-11-21 11:06 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291227
|
- |
|
hp
|
integrated_lights-out_2_firmware
|
The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic from a CVE-2014-0160 v…
|
NVD-CWE-noinfo
|
CVE-2014-2601
|
2024-11-21 11:06 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291228
|
- |
|
modx
|
modx_revolution
|
Multiple SQL injection vulnerabilities in MODX Revolution before 2.2.14 allow remote attackers to execute arbitrary SQL commands via the (1) session ID (PHPSESSID) to index.php or remote authenticate…
|
CWE-89
SQL Injection
|
CVE-2014-2736
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291229
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite 7.4.1 before 7.4.1-rev11 and 7.4.2 before 7.4.2-rev13 allows remote attackers to inject arbitrary web script or HTML via a Drive file…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2393
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291230
|
- |
|
open-xchange
|
open-xchange_appsuite
|
The E-Mail autoconfiguration feature in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 places a password in a GET request, which allows remote attack…
|
CWE-200
Information Exposure
|
CVE-2014-2392
|
2024-11-21 11:06 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
