|
291681
|
- |
|
pearson
|
esis_enterprise_student_information_system
|
Cross-site scripting (XSS) vulnerability in aal/loginverification.aspx in Pearson eSIS Enterprise Student Information System allows remote attackers to inject arbitrary web script or HTML via unspeci…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1942
|
2024-11-21 11:05 |
2014-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291682
|
- |
|
posh_project
|
posh
|
The remember me feature in portal/scr_authentif.php in POSH (aka Posh portal or Portaneo) 3.0, 3.2.1, 3.3.0, and earlier stores the username and MD5 digest of the password in cleartext in a cookie, w…
|
CWE-255
Credentials Management
|
CVE-2014-2212
|
2024-11-21 11:05 |
2014-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291683
|
- |
|
openstack
|
keystone
|
The memcache token backend in OpenStack Identity (Keystone) 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before icehouse-3, when issuing a trust token with impersonation enabled, d…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2237
|
2024-11-21 11:05 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291684
|
- |
|
xen
|
xen
|
The (1) do_send and (2) do_recv functions in io.c in libvchan in Xen 4.2.x, 4.3.x, and 4.4-RC series allows local guests to cause a denial of service or possibly gain privileges via crafted xenstore …
|
CWE-20
Improper Input Validation
|
CVE-2014-1896
|
2024-11-21 11:05 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291685
|
- |
|
xen
|
xen
|
Off-by-one error in the flask_security_avc_cachestats function in xsm/flask/flask_op.c in Xen 4.2.x and 4.3.x, when the maximum number of physical CPUs are in use, allows local users to cause a denia…
|
CWE-189
Numeric Errors
|
CVE-2014-1895
|
2024-11-21 11:05 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291686
|
- |
|
xen
|
xen
|
Multiple integer overflows in unspecified suboperations in the flask hypercall in Xen 3.2.x and earlier, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unsp…
|
CWE-189
Numeric Errors
|
CVE-2014-1894
|
2024-11-21 11:05 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291687
|
- |
|
xen
|
xen
|
Multiple integer overflows in the (1) FLASK_GETBOOL and (2) FLASK_SETBOOL suboperations in the flask hypercall in Xen 4.1.x, 3.3.x, 3.2.x, and earlier, when XSM is enabled, allow local users to cause…
|
CWE-189
Numeric Errors
|
CVE-2014-1893
|
2024-11-21 11:05 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291688
|
- |
|
xen
|
xen
|
Xen 3.3 through 4.1, when XSM is enabled, allows local users to cause a denial of service via vectors related to a "large memory allocation," a different vulnerability than CVE-2014-1891, CVE-2014-18…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1892
|
2024-11-21 11:05 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291689
|
- |
|
xen
|
xen
|
Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and earlie…
|
CWE-189
Numeric Errors
|
CVE-2014-1891
|
2024-11-21 11:05 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291690
|
- |
|
sonatype
|
nexus
|
Unspecified vulnerability in Sonatype Nexus OSS and Pro 2.4.0 through 2.7.1 allows attackers to create arbitrary user accounts via unknown vectors related to "an unauthenticated execution path."
|
NVD-CWE-noinfo
|
CVE-2014-2034
|
2024-11-21 11:05 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
