|
291861
|
7.8 |
HIGH
Local
|
coreftp
|
core_ftp
|
Multiple buffer overflows in Core FTP Server before 1.2 build 508 allow local users to gain privileges via vectors related to reading data from config.dat and Windows Registry.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1215
|
2024-11-21 11:03 |
2018-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291862
|
9.8 |
CRITICAL
Network
|
zsh_project
|
zsh
|
In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-10072
|
2024-11-21 11:03 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291863
|
9.8 |
CRITICAL
Network
|
zsh
canonical
|
zsh
ubuntu_linux
|
In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-10071
|
2024-11-21 11:03 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291864
|
7.8 |
HIGH
Local
|
zsh_project
|
zsh
|
zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers). That could allow local privilege escalation,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-10070
|
2024-11-21 11:03 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291865
|
7.5 |
HIGH
Network
|
hitrontech
|
cve-30360_firmware
|
Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared across different customers' installations, which makes it easier for attackers to obtain sensitive information by decrypting a b…
|
CWE-310
Cryptographic Issues
|
CVE-2014-10069
|
2024-11-21 11:03 |
2018-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291866
|
9.8 |
CRITICAL
Network
|
eyou
|
eyou
|
The get_login_ip_config_file function in Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/ip_login_se…
|
CWE-77
Command Injection
|
CVE-2014-1203
|
2024-11-21 11:03 |
2017-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291867
|
7.5 |
HIGH
Network
|
google
|
android
|
WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and poten…
|
CWE-19
Data Processing Errors
|
CVE-2014-0997
|
2024-11-21 11:03 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291868
|
7.8 |
HIGH
Local
|
graphviz
|
graphviz
|
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1235
|
2024-11-21 11:03 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291869
|
- |
|
sendio
|
sendio
|
Sendio before 7.2.4 includes the session identifier in URLs in emails, which allows remote attackers to obtain sensitive information and hijack sessions by reading the jsessionid parameter in the Ref…
|
CWE-200
Information Exposure
|
CVE-2014-0999
|
2024-11-21 11:03 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291870
|
- |
|
ibm
|
db2
|
IBM DB2 9.5 through 10.5 on Linux, UNIX, and Windows stores passwords during the processing of certain SQL statements by the monitoring and audit facilities, which allows remote authenticated users t…
|
CWE-200
Information Exposure
|
CVE-2014-0919
|
2024-11-21 11:03 |
2015-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
