|
292271
|
- |
|
apache
|
struts
|
The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method.
|
NVD-CWE-noinfo
|
CVE-2014-0094
|
2024-11-21 11:01 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292272
|
- |
|
gnu
|
gnutls
|
lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attack…
|
CWE-310
Cryptographic Issues
|
CVE-2014-0092
|
2024-11-21 11:01 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292273
|
- |
|
serena
|
dimensions_cm
|
Cross-site request forgery (CSRF) vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that u…
|
CWE-352
Origin Validation Error
|
CVE-2014-0336
|
2024-11-21 11:01 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292274
|
- |
|
serena
|
dimensions_cm
|
Multiple cross-site scripting (XSS) vulnerabilities in the web client in Serena Dimensions CM 12.2 build 7.199.0 allow remote attackers to inject arbitrary web script or HTML via the (1) DB_CONN, (2)…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0335
|
2024-11-21 11:01 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292275
|
- |
|
cmsmadesimple
|
cms_made_simple
|
Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple allow remote authenticated users to inject arbitrary web script or HTML via (1) the group parameter to admin/addgroup.php, (2) t…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0334
|
2024-11-21 11:01 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292276
|
- |
|
linux
suse
redhat
|
linux_kernel
linux_enterprise_desktop
linux_enterprise_server
enterprise_linux_server_aus
enterprise_linux_server_tus
enterprise_linux_desktop
enterprise_linux_server
enterprise_…
|
The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0069
|
2024-11-21 11:01 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292277
|
- |
|
libpng
|
libpng
|
The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an…
|
CWE-189
Numeric Errors
|
CVE-2014-0333
|
2024-11-21 11:01 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292278
|
- |
|
emberjs
|
ember.js
|
Cross-site scripting (XSS) vulnerability in the link-to helper in Ember.js 1.2.x before 1.2.2, 1.3.x before 1.3.2, and 1.4.x before 1.4.0-beta.6, when used in non-block form, allows remote attackers …
|
CWE-79
Cross-site Scripting
|
CVE-2014-0046
|
2024-11-21 11:01 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292279
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
The security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by rea…
|
CWE-310
Cryptographic Issues
|
CVE-2014-0058
|
2024-11-21 11:01 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292280
|
- |
|
apache
|
tomcat
|
org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat 6.0.33 through 6.0.37 does not consider the disableURLRewriting setting when handling a session ID in a URL, which allows remote atta…
|
CWE-20
Improper Input Validation
|
CVE-2014-0033
|
2024-11-21 11:01 |
2014-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
