| Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-8684 | 7.5 |
CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remote attackers to spoof session cookies and consequently conduct PHP object injection attacks by leveraging use of standard string comparison operators t
|
28-09-2017 - 18:47 | 19-09-2017 - 19:29 | |
| CVE-2014-8686 | 5.0 |
CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallback to a custom XOR-based encryption scheme when the Mcrypt extension for PHP is not available.
|
28-09-2017 - 18:19 | 19-09-2017 - 19:29 | |
| CVE-2014-8687 | 10.0 |
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute arbitrary code with root privileges by leveraging use of a static encryption key to create session tokens.
|
16-06-2017 - 17:40 | 08-06-2017 - 16:29 |