|
292221
|
- |
|
linux
|
linux_kernel
|
The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from ke…
|
CWE-399
Resource Management Errors
|
CVE-2014-1446
|
2024-11-21 11:04 |
2014-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292222
|
- |
|
linux
|
linux_kernel
|
The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information f…
|
CWE-399
Resource Management Errors
|
CVE-2014-1445
|
2024-11-21 11:04 |
2014-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292223
|
- |
|
linux
|
linux_kernel
|
The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive informati…
|
CWE-399
Resource Management Errors
|
CVE-2014-1444
|
2024-11-21 11:04 |
2014-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292224
|
- |
|
linux
|
linux_kernel
|
The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMM…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1438
|
2024-11-21 11:04 |
2014-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292225
|
- |
|
mcafee
|
vulnerability_manager
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to hijack the authentication of use…
|
CWE-352
Origin Validation Error
|
CVE-2014-1473
|
2024-11-21 11:04 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292226
|
- |
|
mcafee
|
vulnerability_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1472
|
2024-11-21 11:04 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292227
|
- |
|
csp_mysql_user_manager_project
|
csp_mysql_user_manager
|
SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page.
|
CWE-89
SQL Injection
|
CVE-2014-1466
|
2024-11-21 11:04 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292228
|
- |
|
conceptronic
|
c54apm_firmware
c54apm
|
The Conceptronic C54APM access point with runtime code 1.26 has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via an HTTP request, as …
|
CWE-255
Credentials Management
|
CVE-2014-1408
|
2024-11-21 11:04 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292229
|
- |
|
conceptronic
|
c54apm_firmware
c54apm
|
Multiple cross-site scripting (XSS) vulnerabilities on the Conceptronic C54APM access point with runtime code 1.26 allow remote attackers to inject arbitrary web script or HTML via (1) the submit-url…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1407
|
2024-11-21 11:04 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292230
|
- |
|
conceptronic
|
c54apm_firmware
c54apm
|
CRLF injection vulnerability in goform/formWlSiteSurvey on the Conceptronic C54APM access point with runtime code 1.26 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP respon…
|
CWE-20
Improper Input Validation
|
CVE-2014-1406
|
2024-11-21 11:04 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
