|
258001
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the Workspace Manager component in Oracle Database 11.1.0.6, 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect co…
|
NVD-CWE-noinfo
|
CVE-2009-0972
|
2014-09-9 02:56 |
2009-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258002
|
- |
|
piwigo
|
piwigo
|
Cross-site scripting (XSS) vulnerability in admin/picture_modify.php in the photo-edit subsystem in Piwigo 2.6.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ass…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3900
|
2014-09-9 02:54 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258003
|
- |
|
tenfourzero
|
shutter
|
SQL injection vulnerability in lib/admin.php in tenfourzero Shutter 0.1.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-3904
|
2014-09-9 02:51 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258004
|
- |
|
tenfourzero
|
shutter
|
Cross-site scripting (XSS) vulnerability in tenfourzero Shutter 0.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3905
|
2014-09-9 02:51 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258005
|
- |
|
xml-dt_project
|
xml-dt
|
The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file.
|
CWE-59
Link Following
|
CVE-2014-5260
|
2014-09-9 02:49 |
2014-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258006
|
- |
|
netmaster
|
cbw700_software
netmaster_cbw700n
|
The Netmaster CBW700N cable modem with software 81.447.392110.729.024 has an SNMP community of public, which allows remote attackers to obtain sensitive credential, key, and SSID information via an S…
|
CWE-200
Information Exposure
|
CVE-2014-4862
|
2014-09-9 02:23 |
2014-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258007
|
- |
|
arris
|
touchstone_dg950a_software
touchstone_dg950a
|
The Arris Touchstone DG950A cable modem with software 7.10.131 has an SNMP community of public, which allows remote attackers to obtain sensitive password, key, and SSID information via an SNMP reque…
|
CWE-200
Information Exposure
|
CVE-2014-4863
|
2014-09-9 02:11 |
2014-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258008
|
- |
|
solarwinds
|
log_and_event_manager
|
SolarWinds Log and Event Manager before 6.0 uses "static" credentials, which makes it easier for remote attackers to obtain access to the database and execute arbitrary code via unspecified vectors, …
|
CWE-255
Credentials Management
|
CVE-2014-5504
|
2014-09-9 02:00 |
2014-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258009
|
- |
|
srvx
|
srvx
|
Multiple integer overflows in the HelpServ module (mod-helpserv.c) in srvx 1.3.1 allow remote authenticated IRCops or HelpServ bot managers to cause a denial of service (infinite loop) via a large va…
|
CWE-189
Numeric Errors
|
CVE-2014-5508
|
2014-09-9 01:27 |
2014-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258010
|
- |
|
sensysnetworks
|
trafficdot
vsn240-f
vsn240-t
vds
|
Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do not use encryption, which allows remote attackers to interfere with traffic control by replaying transm…
|
CWE-310
Cryptographic Issues
|
CVE-2014-2379
|
2014-09-9 00:09 |
2014-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
