|
256811
|
- |
|
brocade
|
vyatta_5400_vrouter_software
vyatta_5400_vrouter
|
The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows remote authenticated users to execute arbitrary Linux commands via shell metacharacters in a console comma…
|
CWE-78
OS Command
|
CVE-2014-4868
|
2014-10-8 08:00 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256812
|
- |
|
drupal
|
context_form_alteration_module
|
Cross-site scripting (XSS) vulnerability in the configuration UI in the Context Form Alteration module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "administer context…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7869
|
2014-10-8 02:33 |
2014-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256813
|
- |
|
embarcadero
|
embarcadero_c\+\+builder_xe6
embarcadero_delphi_xe6
|
Heap-based buffer overflow in the ReadDIB function in the Vcl.Graphics.TPicture.Bitmap implementation in the Visual Component Library (VCL) in Embarcadero Delphi XE6 20.0.15596.9843 and C++ Builder X…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0994
|
2014-10-8 01:39 |
2014-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256814
|
- |
|
jolokia
|
jolokia
|
Cross-site request forgery (CSRF) vulnerability in Jolokia before 1.2.1 allows remote attackers to hijack the authentication of users for requests that execute MBeans methods via a crafted web page.
|
CWE-352
Origin Validation Error
|
CVE-2014-0168
|
2014-10-8 00:20 |
2014-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256815
|
- |
|
apache
|
shiro
|
Apache Shiro 1.x before 1.2.3, when using an LDAP server with unauthenticated bind enabled, allows remote attackers to bypass authentication via an empty (1) username or (2) password.
|
CWE-287
Improper Authentication
|
CVE-2014-0074
|
2014-10-7 23:16 |
2014-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256816
|
- |
|
tp-link
|
firmware
|
Multiple cross-site request forgery (CSRF) vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043ND_V1_120405 allow remote attackers to hijack the authentication of administrators for …
|
CWE-352
Origin Validation Error
|
CVE-2013-2645
|
2014-10-7 03:50 |
2014-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256817
|
- |
|
rockwellautomation
|
ab_micrologix_controller
|
The DNP3 feature on Rockwell Automation Allen-Bradley MicroLogix 1400 1766-Lxxxxx A FRN controllers 7 and earlier and 1400 1766-Lxxxxx B FRN controllers before 15.001 allows remote attackers to cause…
|
CWE-399
Resource Management Errors
|
CVE-2014-5410
|
2014-10-7 03:41 |
2014-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256818
|
- |
|
cisco
|
ios_xr
asr_9000_rsp440_router
asr_9001
asr_9006
asr_9010
asr_9904
asr_9912
asr_9922
|
Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3396
|
2014-10-7 03:30 |
2014-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256819
|
- |
|
cisco
|
webex_meetings_server
|
Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive information by reading logs, aka Bug IDs CSCuq36417 and CSCuq40344.
|
CWE-200
Information Exposure
|
CVE-2014-3400
|
2014-10-7 03:23 |
2014-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256820
|
- |
|
mm_forum_project
|
mm_forum
|
Cross-site request forgery (CSRF) vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to hijack the authentication of users for requests that create posts via unspe…
|
CWE-352
Origin Validation Error
|
CVE-2014-6299
|
2014-10-7 03:02 |
2014-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
