|
290431
|
- |
|
mcafee
|
web_gateway
|
Directory traversal vulnerability in McAfee Web Gateway (MWG) 7.4.x before 7.4.1, 7.3.x before 7.3.2.6, and 7.2.0.9 and earlier allows remote authenticated users to read arbitrary files via a crafted…
|
CWE-22
Path Traversal
|
CVE-2014-2535
|
2024-11-21 11:06 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290432
|
- |
|
blackberry
|
qnx_neutrino_rtos
|
/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading "bad parameter" lines in error messages, as demonstrated by reading the ro…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2534
|
2024-11-21 11:06 |
2014-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290433
|
- |
|
blackberry
|
qnx_neutrino_rtos
|
/sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2533
|
2024-11-21 11:06 |
2014-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290434
|
4.9 |
MEDIUM
Network
|
oracle
openbsd
|
communications_user_data_repository
openssh
|
sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring locate…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2532
|
2024-11-21 11:06 |
2014-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290435
|
- |
|
lighttpd
debian
opensuse
suse
contec
|
lighttpd
debian_linux
opensuse
linux_enterprise_software_development_kit
linux_enterprise_high_availability_extension
sv-cpt-mc310_firmware
|
Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, r…
|
CWE-22
Path Traversal
|
CVE-2014-2324
|
2024-11-21 11:06 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290436
|
9.8 |
CRITICAL
Network
|
lighttpd
debian
opensuse
suse
|
lighttpd
debian_linux
opensuse
linux_enterprise_software_development_kit
linux_enterprise_high_availability_extension
|
SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.
|
CWE-89
SQL Injection
|
CVE-2014-2323
|
2024-11-21 11:06 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290437
|
- |
|
juniper
|
ive_os
|
Unspecified vulnerability in the Linux Network Connect client in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before…
|
NVD-CWE-noinfo
|
CVE-2014-2292
|
2024-11-21 11:06 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290438
|
- |
|
juniper
|
ive_os
|
Cross-site scripting (XSS) vulnerability in the Pulse Collaboration (Secure Meeting) user pages in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r18, 7.3 before 7.3r10…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2291
|
2024-11-21 11:06 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290439
|
- |
|
proxmox
|
mail_gateway
|
Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway before 3.1-5829 allow remote attackers to inject arbitrary web script or HTML via the (1) state parameter to objects/who/in…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2325
|
2024-11-21 11:06 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290440
|
- |
|
powerarchiver
|
powerarchiver
|
The Encrypt Files feature in ConeXware PowerArchiver before 14.02.05 uses legacy ZIP encryption even if the AES 256-bit selection is chosen, which makes it easier for context-dependent attackers to o…
|
CWE-310
Cryptographic Issues
|
CVE-2014-2319
|
2024-11-21 11:06 |
2014-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
