257771
|
- |
|
autodesk
|
vred
|
Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code via Python os library calls in Python API commands to the integrated web server.
|
CWE-78
OS Command
|
CVE-2014-2967
|
2014-07-8 04:10 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257772
|
- |
|
email\
|
\
|
Email::Address module before 1.904 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via vectors related to "backtracking i…
|
NVD-CWE-Other
|
CVE-2014-4720
|
2014-07-7 23:52 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257773
|
- |
|
email\
|
\
|
<a href="http://cwe.mitre.org/data/definitions/185.html" target="_blank">CWE-185: CWE-185: Incorrect Regular Expression</a>
|
NVD-CWE-Other
|
CVE-2014-4720
|
2014-07-7 23:52 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257774
|
- |
|
kryo
|
iodine
|
(1) iodined.c and (2) user.c in iodine before 0.7.0 allows remote attackers to bypass authentication by continuing execution after an error has been triggering.
|
CWE-287
Improper Authentication
|
CVE-2014-4168
|
2014-07-7 23:49 |
2014-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257775
|
- |
|
usvn
|
user-friendly_svn
|
Cross-site scripting (XSS) vulnerability in the login panel (svn/login/) in User-Friendly SVN (aka USVN) before 1.0.7 allows remote attackers to inject arbitrary web script or HTML via the username f…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4719
|
2014-07-7 23:15 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257776
|
- |
|
lunarcms
|
lunar_cms
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Lunar CMS before 3.3-3 allow remote attackers to hijack the authentication of administrators for requests that (1) add Super users via a …
|
CWE-352
Origin Validation Error
|
CVE-2014-4718
|
2014-07-7 23:10 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257777
|
- |
|
thomson
|
twg87ouir
|
Cross-site request forgery (CSRF) vulnerability in Thomson TWG87OUIR allows remote attackers to hijack the authentication of unspecified victims for requests that change passwords via the Password an…
|
CWE-352
Origin Validation Error
|
CVE-2014-4716
|
2014-07-7 22:57 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257778
|
- |
|
theforeman
|
foreman
|
Multiple cross-site scripting (XSS) vulnerabilities in the host YAML view in Foreman before 1.4.5 and 1.5.x before 1.5.1 allow remote attackers to inject arbitrary web script or HTML via a parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2014-3492
|
2014-07-3 02:50 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257779
|
- |
|
theforeman
|
foreman
|
Cross-site scripting (XSS) vulnerability in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to inject arbitrary web script or HTML via the Name field to the New Host groups page, …
|
CWE-79
Cross-site Scripting
|
CVE-2014-3491
|
2014-07-3 02:45 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257780
|
- |
|
xen_carousel_plugin_project
|
xen_carousel
|
Multiple cross-site scripting (XSS) vulnerabilities in xencarousel-admin.js.php in the XEN Carousel plugin 0.12.2 and earlier for WordPress allow remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4602
|
2014-07-3 02:40 |
2014-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|