|
290981
|
- |
|
linux
redhat
canonical
f5
|
linux_kernel
enterprise_linux_server_aus
enterprise_linux_server_tus
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_eus
ubuntu_lin…
|
The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call,…
|
CWE-476
NULL Pointer Dereference
|
CVE-2014-0101
|
2024-11-21 11:01 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290982
|
- |
|
linux
|
linux_kernel
|
Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that…
|
CWE-120
Classic Buffer Overflow
|
CVE-2014-0049
|
2024-11-21 11:01 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290983
|
- |
|
apache
|
struts
|
The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method.
|
NVD-CWE-noinfo
|
CVE-2014-0094
|
2024-11-21 11:01 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290984
|
- |
|
gnu
|
gnutls
|
lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attack…
|
CWE-310
Cryptographic Issues
|
CVE-2014-0092
|
2024-11-21 11:01 |
2014-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290985
|
- |
|
serena
|
dimensions_cm
|
Cross-site request forgery (CSRF) vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that u…
|
CWE-352
Origin Validation Error
|
CVE-2014-0336
|
2024-11-21 11:01 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290986
|
- |
|
serena
|
dimensions_cm
|
Multiple cross-site scripting (XSS) vulnerabilities in the web client in Serena Dimensions CM 12.2 build 7.199.0 allow remote attackers to inject arbitrary web script or HTML via the (1) DB_CONN, (2)…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0335
|
2024-11-21 11:01 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290987
|
- |
|
cmsmadesimple
|
cms_made_simple
|
Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple allow remote authenticated users to inject arbitrary web script or HTML via (1) the group parameter to admin/addgroup.php, (2) t…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0334
|
2024-11-21 11:01 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290988
|
- |
|
linux
suse
redhat
|
linux_kernel
linux_enterprise_desktop
linux_enterprise_server
enterprise_linux_server_aus
enterprise_linux_server_tus
enterprise_linux_desktop
enterprise_linux_server
enterprise_…
|
The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0069
|
2024-11-21 11:01 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290989
|
- |
|
libpng
|
libpng
|
The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an…
|
CWE-189
Numeric Errors
|
CVE-2014-0333
|
2024-11-21 11:01 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290990
|
- |
|
emberjs
|
ember.js
|
Cross-site scripting (XSS) vulnerability in the link-to helper in Ember.js 1.2.x before 1.2.2, 1.3.x before 1.3.2, and 1.4.x before 1.4.0-beta.6, when used in non-block form, allows remote attackers …
|
CWE-79
Cross-site Scripting
|
CVE-2014-0046
|
2024-11-21 11:01 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
