|
293201
|
- |
|
redhat
odata4j_project
|
jboss_data_virtualization
odata4j
|
XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a…
|
NVD-CWE-Other
|
CVE-2014-0171
|
2024-11-21 11:01 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293202
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise Application Platform (EAP) before 6.2.3, use world-readable permissions on audit.log, which allows local users to obtain sensitive informat…
|
CWE-200
Information Exposure
|
CVE-2014-0059
|
2024-11-21 11:01 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293203
|
- |
|
freerdp
opensuse
|
freerdp
opensuse
|
Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress f…
|
CWE-189
Numeric Errors
|
CVE-2014-0250
|
2024-11-21 11:01 |
2014-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293204
|
- |
|
apache
|
hive
|
Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for (1) import and (2) export statements, which allows remote authenticated use…
|
CWE-284
Improper Access Control
|
CVE-2014-0228
|
2024-11-21 11:01 |
2014-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293205
|
- |
|
redhat
|
openshift
|
Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced by a cartr…
|
CWE-94
Code Injection
|
CVE-2014-0233
|
2024-11-21 11:01 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293206
|
- |
|
suse
qemu
|
linux_enterprise_server
qemu
|
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, whi…
|
CWE-189
Numeric Errors
|
CVE-2014-0223
|
2024-11-21 11:01 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293207
|
- |
|
suse
qemu
|
linux_enterprise_server
qemu
|
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.
|
CWE-189
Numeric Errors
|
CVE-2014-0222
|
2024-11-21 11:01 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293208
|
- |
|
qemu
|
qemu
|
Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0182
|
2024-11-21 11:01 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293209
|
- |
|
openstack
|
keystone
|
OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges th…
|
CWE-269
Improper Privilege Management
|
CVE-2014-0204
|
2024-11-21 11:01 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293210
|
- |
|
redhat
|
cloudforms_3.0_management_engine
|
The (1) get and (2) log methods in the AgentController in Red Hat CloudForms 3.0 Management Engine (CFME) 5.x allow remote attackers to insert arbitrary text into log files via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2014-0136
|
2024-11-21 11:01 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
