|
287281
|
- |
|
ettercap-project
|
ettercap
|
Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service or possibly execute arbitra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-6395
|
2024-11-21 11:14 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287282
|
- |
|
zenoss
|
zenoss_core
|
Zenoss Core through 5 Beta 3 does not properly implement the Check For Updates feature, which allows remote attackers to execute arbitrary code by (1) spoofing the callhome server or (2) deploying a …
|
CWE-94
Code Injection
|
CVE-2014-6261
|
2024-11-21 11:14 |
2014-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287283
|
- |
|
zenoss
|
zenoss_core
|
Zenoss Core through 5 Beta 3 does not require a password for modifying the pager command string, which allows remote attackers to execute arbitrary commands or cause a denial of service (paging outag…
|
CWE-77
Command Injection
|
CVE-2014-6260
|
2024-11-21 11:14 |
2014-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287284
|
- |
|
zenoss
|
zenoss_core
|
Zenoss Core through 5 Beta 3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML docu…
|
CWE-399
Resource Management Errors
|
CVE-2014-6259
|
2024-11-21 11:14 |
2014-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287285
|
- |
|
zenoss
|
zenoss_core
|
An unspecified endpoint in Zenoss Core through 5 Beta 3 allows remote attackers to cause a denial of service (CPU consumption) by triggering an arbitrary regular-expression match attempt, aka ZEN-154…
|
CWE-399
Resource Management Errors
|
CVE-2014-6258
|
2024-11-21 11:14 |
2014-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287286
|
- |
|
zenoss
|
zenoss_core
|
Zenoss Core through 5 Beta 3 allows remote attackers to bypass intended access restrictions by using a web-endpoint URL to invoke an object helper method, aka ZEN-15407.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-6257
|
2024-11-21 11:14 |
2014-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287287
|
- |
|
zenoss
|
zenoss_core
|
Zenoss Core through 5 Beta 3 allows remote attackers to bypass intended access restrictions and place files in a directory with public (1) read or (2) execute access via a move action, aka ZEN-15386.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-6256
|
2024-11-21 11:14 |
2014-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287288
|
- |
|
zenoss
|
zenoss_core
|
Open redirect vulnerability in the login form in Zenoss Core before 4.2.5 SP161 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the came_from paramet…
|
NVD-CWE-Other
|
CVE-2014-6255
|
2024-11-21 11:14 |
2014-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287289
|
- |
|
zenoss
|
zenoss_core
|
Multiple cross-site scripting (XSS) vulnerabilities in Zenoss Core through 5 Beta 3 allow remote attackers to inject arbitrary web script or HTML via an attribute in a (1) device name, (2) device det…
|
CWE-79
Cross-site Scripting
|
CVE-2014-6254
|
2024-11-21 11:14 |
2014-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287290
|
- |
|
zenoss
|
zenoss_core
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Zenoss Core through 5 Beta 3 allow remote attackers to hijack the authentication of arbitrary users, aka ZEN-12653.
|
CWE-352
Origin Validation Error
|
CVE-2014-6253
|
2024-11-21 11:14 |
2014-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
