|
290841
|
- |
|
moodle
|
moodle
|
The blind-marking implementation in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote authenticated users to de-anonymize student identities by (1) …
|
CWE-200
Information Exposure
|
CVE-2014-0215
|
2024-11-21 11:01 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290842
|
- |
|
moodle
|
moodle
|
login/token.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 creates a MoodleMobile web-service token with an infinite lifetime, which makes it easier for…
|
CWE-287
Improper Authentication
|
CVE-2014-0214
|
2024-11-21 11:01 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290843
|
- |
|
moodle
|
moodle
|
Multiple cross-site request forgery (CSRF) vulnerabilities in mod/assign/locallib.php in the Assignment subsystem in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2…
|
CWE-352
Origin Validation Error
|
CVE-2014-0213
|
2024-11-21 11:01 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290844
|
- |
|
pocoo
|
jinja2
|
FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by pre-creating a temporary directory with a user's uid. NOTE: thi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0012
|
2024-11-21 11:01 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290845
|
- |
|
canonical
x
|
ubuntu_linux
libxfont
|
Multiple integer overflows in the (1) fs_get_reply, (2) fs_alloc_glyphs, and (3) fs_read_extent_info functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to…
|
CWE-189
Numeric Errors
|
CVE-2014-0211
|
2024-11-21 11:01 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290846
|
- |
|
x
canonical
|
libxfont
ubuntu_linux
|
Multiple buffer overflows in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 allow remote font servers to execute arbitrary code via a crafted xfs protocol reply to the (1) _fs_recv_conn_set…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0210
|
2024-11-21 11:01 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290847
|
- |
|
x
canonical
|
libxfont
ubuntu_linux
|
Multiple integer overflows in the (1) FontFileAddEntry and (2) lexAlias functions in X.Org libXfont before 1.4.8 and 1.4.9x before 1.4.99.901 might allow local users to gain privileges by adding a di…
|
CWE-189
Numeric Errors
|
CVE-2014-0209
|
2024-11-21 11:01 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290848
|
- |
|
redhat
|
cloudforms_3.0_management_engine
|
SQL injection vulnerability in the saved_report_delete action in the ReportController in Red Hat CloudForms Management Engine (CFME) before 5.2.3.2 allows remote authenticated users to execute arbitr…
|
CWE-89
SQL Injection
|
CVE-2014-0137
|
2024-11-21 11:01 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290849
|
- |
|
redhat
|
cloudforms_3.0_management_engine
|
The CatalogController in Red Hat CloudForms Management Engine (CFME) before 5.2.3.2 allows remote authenticated users to delete arbitrary catalogs via vectors involving guessing the catalog ID.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0078
|
2024-11-21 11:01 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290850
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0310
|
2024-11-21 11:01 |
2014-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
