|
290971
|
- |
|
apache
|
commons_beanutils
struts
|
Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the …
|
CWE-20
Improper Input Validation
|
CVE-2014-0114
|
2024-11-21 11:01 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290972
|
- |
|
f5
|
nginx
|
The SPDY implementation in the ngx_http_spdy_module module in nginx 1.5.10 before 1.5.11, when running on a 32-bit platform, allows remote attackers to execute arbitrary code via a crafted request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0088
|
2024-11-21 11:01 |
2014-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290973
|
- |
|
apache
|
struts
|
CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0113
|
2024-11-21 11:01 |
2014-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290974
|
- |
|
apache
|
struts
|
ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0112
|
2024-11-21 11:01 |
2014-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290975
|
- |
|
openstack
canonical
opensuse
|
neutron
ubuntu_linux
opensuse
|
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a s…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0187
|
2024-11-21 11:01 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290976
|
- |
|
zarafa
|
zarafa
|
The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 7.1.8, 6.20.0, and earlier, when using certain build conditions, allows remote attackers to cause a denial of service (cra…
|
CWE-20
Improper Input Validation
|
CVE-2014-0079
|
2024-11-21 11:01 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290977
|
- |
|
zarafa
|
zarafa
|
The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 5.00 before 7.1.8 beta2 allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointe…
|
CWE-20
Improper Input Validation
|
CVE-2014-0037
|
2024-11-21 11:01 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290978
|
- |
|
openstack
|
image_registry_and_delivery_service_\(glance\)
icehouse
|
The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or m…
|
CWE-20
Improper Input Validation
|
CVE-2014-0162
|
2024-11-21 11:01 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290979
|
- |
|
linux
redhat
suse
opensuse
|
linux_kernel
enterprise_linux_server
linux_enterprise_server
evergreen
linux_enterprise_real_time_extension
enterprise_linux_desktop
suse_linux_enterprise_server
|
The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intend…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0181
|
2024-11-21 11:01 |
2014-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290980
|
- |
|
pocoproject
|
poco_c\+\+_libraries
|
The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are r…
|
CWE-310
Cryptographic Issues
|
CVE-2014-0350
|
2024-11-21 11:01 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
