|
290551
|
- |
|
puppet
puppetlabs
|
facter
marionette_collective
hiera
puppet_enterprise
puppet
|
Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5…
|
CWE-17
Code
|
CVE-2014-3248
|
2024-11-21 11:07 |
2014-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290552
|
- |
|
nlnetlabs
|
ldns
|
The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3209
|
2024-11-21 11:07 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290553
|
- |
|
point-to-point_protocol_project
|
point-to-point_protocol
|
Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which trigge…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3158
|
2024-11-21 11:07 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290554
|
- |
|
cisco
|
unified_communications_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the CCM Service interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3375
|
2024-11-21 11:07 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290555
|
- |
|
cisco
|
unified_communications_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the CCM admin interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2014-3374
|
2024-11-21 11:07 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290556
|
- |
|
cisco
|
unified_communications_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the CCM Dialed Number Analyzer interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3373
|
2024-11-21 11:07 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290557
|
- |
|
cisco
|
unified_communications_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the CCM reports interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3372
|
2024-11-21 11:07 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290558
|
- |
|
cisco
|
unified_communications_manager
|
SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted response, aka…
|
CWE-89
SQL Injection
|
CVE-2014-3366
|
2024-11-21 11:07 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290559
|
- |
|
ibm
|
tivoli_composite_application_manager_for_transactions
|
The Internet Service Monitor (ISM) agent in IBM Tivoli Composite Application Manager (ITCAM) for Transactions 7.1 and 7.2 before 7.2.0.3 IF28, 7.3 before 7.3.0.1 IF30, and 7.4 before 7.4.0.0 IF18 doe…
|
CWE-310
Cryptographic Issues
|
CVE-2014-3051
|
2024-11-21 11:07 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290560
|
- |
|
cisco
|
ios
asr901
|
Cisco IOS 15.4(3)S0b on ASR901 devices makes incorrect decisions to use the CPU for IPv4 packet processing, which allows remote attackers to cause a denial of service (BGP neighbor flapping) by sendi…
|
CWE-399
Resource Management Errors
|
CVE-2014-3293
|
2024-11-21 11:07 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
