|
257311
|
- |
|
limesurvey
|
limesurvey
|
Multiple cross-site scripting (XSS) vulnerabilities in LimeSurvey 2.05+ Build 140618 allow remote attackers to inject arbitrary web script or HTML via (1) the pid attribute to the getAttribute_json f…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5016
|
2014-07-22 22:58 |
2014-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257312
|
- |
|
redhat
|
enterprise_mrg
|
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6445
|
2014-07-19 03:50 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257313
|
- |
|
super_project
|
super
|
super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMIT_NPROC attack.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0470
|
2014-07-19 03:40 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257314
|
- |
|
fortinet
|
fortiweb
|
Cross-site scripting (XSS) vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-1955
|
2014-07-19 03:38 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257315
|
- |
|
fortinet
|
fortiweb
|
CRLF injection vulnerability in FortiGuard FortiWeb before 5.0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2014-1956
|
2014-07-19 03:38 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257316
|
- |
|
fortinet
|
fortiweb
|
CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') "http://cwe.mitre.org/data/definitions/113.html"
|
NVD-CWE-Other
|
CVE-2014-1956
|
2014-07-19 03:38 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257317
|
- |
|
fortinet
|
fortiweb
|
FortiGuard FortiWeb before 5.0.3 allows remote authenticated users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1957
|
2014-07-19 03:32 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257318
|
- |
|
canonical
|
ubuntu_linux
|
The Ubuntu Date and Time Indicator (aka indicator-datetime) 13.10.0+13.10.x before 13.10.0+13.10.20131023.2-0ubuntu1.1 does not properly restrict access to Evolution, which allows local users to bypa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7374
|
2014-07-19 03:15 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257319
|
- |
|
citrix
|
netscaler_access_gateway_firmware
netscaler_application_delivery_controller_firmware
netscaler_application_delivery_controller
netscaler_access_gateway
|
Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9…
|
NVD-CWE-noinfo
|
CVE-2014-2881
|
2014-07-19 03:14 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257320
|
- |
|
citrix
|
netscaler_access_gateway_firmware
netscaler_application_delivery_controller_firmware
netscaler_access_gateway
netscaler_application_delivery_controller
|
Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and …
|
NVD-CWE-noinfo
|
CVE-2014-2882
|
2014-07-19 03:00 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
