|
289521
|
- |
|
openstack
redhat
|
nova
openstack
|
OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an IP filter in a list active servers API re…
|
CWE-399
Resource Management Errors
|
CVE-2014-3708
|
2024-11-21 11:08 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289522
|
- |
|
adaptivecomputing
|
torque_resource_manager
|
The tm_adopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the pro…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3684
|
2024-11-21 11:08 |
2014-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289523
|
- |
|
apache
|
wss4j
cxf
|
Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF 2.7.x before 2.7.13 and 3.0.x before 3.0.2, when using TransportBinding, does not properly enforce the SAML SubjectConfirmation …
|
CWE-287
Improper Authentication
|
CVE-2014-3623
|
2024-11-21 11:08 |
2014-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289524
|
- |
|
apache
|
cxf
|
The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the au…
|
CWE-399
Resource Management Errors
|
CVE-2014-3584
|
2024-11-21 11:08 |
2014-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289525
|
- |
|
bss
|
continuity_cms
|
SQL injection vulnerability in wcm/system/pages/admin/getnode.aspx in BSS Continuity CMS 4.2.22640.0 allows remote attackers to execute arbitrary SQL commands via the nodeid parameter.
|
CWE-89
SQL Injection
|
CVE-2014-3446
|
2024-11-21 11:08 |
2014-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289526
|
- |
|
pidgin
|
pidgin
|
The jabber_idn_validate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a craft…
|
CWE-200
Information Exposure
|
CVE-2014-3698
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289527
|
- |
|
pidgin
|
pidgin
|
Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin before 2.10.10 on Windows allows remote attackers to write to arbitrary files via a drive name in a tar ar…
|
CWE-22
Path Traversal
|
CVE-2014-3697
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289528
|
- |
|
pidgin
|
pidgin
|
nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that trigge…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3696
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289529
|
- |
|
pidgin
|
pidgin
|
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3695
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289530
|
- |
|
opensuse
canonical
debian
pidgin
|
opensuse
ubuntu_linux
debian_linux
pidgin
|
The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of …
|
CWE-310
Cryptographic Issues
|
CVE-2014-3694
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
